Intel Discovers RDFS Security Vulnerability: All CPU Models with E-Core Affected
In a recent development, Intel has uncovered a critical security vulnerability known as “Register File Data Sampling (RFDS) vulnerability.” This flaw allows hackers to use malicious programs to extract past register values from the core space, potentially compromising sensitive data.
The vulnerability impacts all devices equipped with E-Core processors, including the 12th, 13th, and 14th generation CPUs, as well as the latest Core Ultra models. In response to this discovery, Intel has rolled out updated CPU microcode and core patches to address the issue. However, implementing these mitigation measures may result in a decrease in CPU performance.
To combat the RFDS vulnerability, Intel has introduced additional VERW instructions to clear register data before transitioning from the core space to the user space. While this solution is aimed at enhancing security, it has been noted to significantly impact the performance of KVM virtualization.
A recent benchmark test conducted by foreign media outlet Phoronix using the Core i9-14900K processor on a Linux system revealed the extent of the performance loss post-patch. On average, the CPU’s performance dropped by 5%, with some tests experiencing a significant decrease of up to 10%. However, nearly half of the tests showed minimal differences in performance.
Intel continues to work on enhancing the security of its products and urges users to promptly install the latest updates to protect their devices from potential security threats.