AI and ML, Potential Risk of CVE

About CVE-2023-39368: The machine learning process requires CPUs and GPUs. Does bus lock regulator mechanism impact this area? Glad to tell, the problem fixed. (14-03-2024)

Leave a comment

CVE-2023-39368 was published on 13th March 2024. In fact, Intel solve this problem since the end of 2020. Maybe hesitant about this design weakness. So it wasn’t announced until this month.

Preface: What is Intel E core? While P cores are focused on delivering peak performance for intensive workloads, E cores ensure that the system runs efficiently during regular use.

Background: What is the lock prefix in Intel? The LOCK prefix is typically used with the BTS instruction to perform a read-modify-write operation on a memory location in shared memory environment. The integrity of the LOCK prefix is not affected by the alignment of the memory field. Memory locking is observed for arbitrarily misaligned fields.

Vulnerability details: CVE-2023-39368 – A potential security vulnerability in the bus lock regulator mechanism for some Intel Processors may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability.

Official announcement: Please refer to the link for details – https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.