{"id":24760,"date":"2022-05-11T01:48:03","date_gmt":"2022-05-10T22:48:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=24760"},"modified":"2022-05-11T01:48:03","modified_gmt":"2022-05-10T22:48:03","slug":"tum-intel-islemcilerde-guvenlik-sorunu-yaratan-acik-bulundu","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=24760","title":{"rendered":"T\u00fcm Intel \u0130\u015flemcilerde G\u00fcvenlik Sorunu Yaratan A\u00e7\u0131k Bulundu"},"content":{"rendered":"<p>B\u00fcy\u00fck \u00f6l\u00e7ekte\u00a0yap\u0131lan rastgele bir \u015feyi kusursuz olarak ger\u00e7ekle\u015ftirmenin yolu ne yaz\u0131k ki yoktur. Bir noktada kesinlikle s\u0131k\u0131nt\u0131larla kar\u015f\u0131la\u015f\u0131rs\u0131n\u0131z. Bu durum <strong>teknoloji \u015firketleri <\/strong>i\u00e7in de birebirdir ve \u015firketler, daima testleri ve\u00a0geri bildirimleri kullanarak bu meseleleri gidermeye \u00e7al\u0131\u015f\u0131r.<\/p>\n<p>Intel\u2019in ta\u015f\u0131nabilir, diz\u00fcst\u00fc ve masa\u00fcst\u00fc i\u00e7in \u00fcretilmi\u015f olan <strong>b\u00fct\u00fcn i\u015flemcilerini <\/strong>etkileyen bir sorun ortaya \u00e7\u0131kt\u0131. Hollandal\u0131 ara\u015ft\u0131rmac\u0131lar taraf\u0131ndan a\u00e7\u0131klanan sorun, bilhassa de <strong>eski ku\u015fak <\/strong>Intel i\u015flemcilerde tehdit olu\u015fturuyordu. Tehdidin ad\u0131ysa\u00a0&#39;CrossTalk&#39; olarak belirlendi.<\/p>\n<p><b>CrossTalk nedir?<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/68\/c0a58e5b05bf7404984947cc8d01374957e072a4.png\"\/><\/p>\n<p>En kolay anlat\u0131m\u0131yla <strong>CrossTalk<\/strong>, bilgi s\u0131zd\u0131rmak i\u00e7in i\u015flemci \u00e7ekirdeklerini kendi ortalar\u0131nda konu\u015fmaya y\u00f6nlendirmek diyebiliriz. Mikromimari \u00f6l\u00e7e\u011finde bilgi \u00f6rnekleme ataklar\u0131ndan biri olan CrossTalk\u2019ta i\u015flemcinin i\u00e7indeki datalar i\u015flenirken bilgi al\u0131nmaya \u00e7al\u0131\u015f\u0131l\u0131r.<\/p>\n<p><strong>Vrije \u00dcniversitesi Sistem ve A\u011f G\u00fcvenli\u011fi K\u00fcmesi<\/strong>\u2019ndan yap\u0131lan a\u00e7\u0131klamada bu ataklar\u0131n <strong>Line Fill Buffer (LBF) <\/strong>basama\u011f\u0131nda a\u00e7\u0131\u011fa \u00e7\u0131kan bilgileri toplad\u0131\u011f\u0131 belirtildi.\u00a0Detaylara bakt\u0131\u011f\u0131m\u0131zdaysa bir bilginin <strong>LBF <\/strong>evresinde i\u015flenmesi s\u0131ras\u0131nda, bir uygulaman\u0131n farkl\u0131 \u00e7ekirdekler \u00fczerinde i\u015flendi\u011fi nokta incelenerek s\u0131z\u0131nt\u0131lar elde ediliyor. Hatta bu durum bir de g\u00f6r\u00fcnt\u00fcyle g\u00f6sterildi.<\/p>\n<p><div><\/div>\n<\/p>\n<p><b>A\u00e7\u0131klama i\u00e7in\u00a021 ay beklendi:<\/b><\/p>\n<p>Ara\u015ft\u0131rmac\u0131lar bu a\u00e7\u0131\u011f\u0131 <strong>21 ay evvel<\/strong>, 2018 y\u0131l\u0131n\u0131n eyl\u00fcl ay\u0131nda Intel\u2019e bildirdiklerini s\u00f6yl\u00fcyor. Ola\u011fanda bir a\u00e7\u0131\u011f\u0131n kamuya a\u00e7\u0131klanmas\u0131 i\u00e7in 90 g\u00fcn bekleniyor. Bu kere bu kadar uzun beklenmesinin nedeniyse a\u00e7\u0131\u011f\u0131n karma\u015f\u0131k yap\u0131s\u0131 ve gerekli d\u00fczenleme s\u00fcrecinin uzunlu\u011fu oldu.<\/p>\n<p>Daha eski <strong>Intel <\/strong>i\u015flemcileri i\u00e7in firma bir mikrokod yay\u0131nlad\u0131. Bug\u00fcn yay\u0131nlanan ve Special Register Buffer Veri Sampling ya da <strong>SRBDS <\/strong>(CVE-2020-0543, Intel-SA-00320) ismi verilen kod, internette yer al\u0131yor. Yeni i\u015flemcilerden birini kullan\u0131yorsan\u0131z bu durum sizi <strong>tehdit etmiyor<\/strong>. Intel, a\u00e7\u0131\u011f\u0131n ortaya \u00e7\u0131kmas\u0131ndan sonra mimarisinde bu meseleye neden olabilecek a\u00e7\u0131klar\u0131 kapatm\u0131\u015ft\u0131.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>B\u00fcy\u00fck \u00f6l\u00e7ekte\u00a0yap\u0131lan rastgele bir \u015feyi kusursuz olarak ger\u00e7ekle\u015ftirmenin yolu ne yaz\u0131k ki yoktur. Bir noktada kesinlikle s\u0131k\u0131nt\u0131larla &#8230;<\/p>\n","protected":false},"author":1,"featured_media":24761,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[851],"tags":[901,941],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24760"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24760"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24760\/revisions"}],"predecessor-version":[{"id":24762,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/24760\/revisions\/24762"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/24761"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}