{"id":9437,"date":"2022-04-12T14:48:03","date_gmt":"2022-04-12T11:48:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=9437"},"modified":"2022-04-12T14:48:03","modified_gmt":"2022-04-12T11:48:03","slug":"intel-islemcilerde-guvenlik-acigi-tespit-edildi","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=9437","title":{"rendered":"Security Vulnerability Detected in Intel Processors"},"content":{"rendered":"<p>Researchers from Vrije Universiteit in Amsterdam stated on Wednesday that Intel\u2019s server-class processors have a vulnerability they have named NetCAT. This vulnerability leaves the door open to side-channel attacks that can reveal what the CPU is working on. The problem was found in Data-Direct I\/O Technology (DDIO) and Remote Direct Memory Access (RDMA) on Xeon CPUs, but according to the researchers AMD chips are not affected by this issue.<\/p>\n<p>Intel stated in its security bulletin that NetCAT affects Xeon E5, E7 and SP processors that support DDIO and RDMA. The problem underlying DDIO, which has been used in Xeon processors since 2012, is the same issue that leaves the door open to side-channel attacks. 
According to the work carried out by the Vrije Universiteit researchers, RDMA in turn allows control over the relevant memory location of network packets on targeted servers.<\/p>\n<p><b>Experts: &#8220;Sensitive information can be accessed&#8221;<\/b><\/p>\n<p>According to the researchers, this vulnerability means that untrusted devices on the network can \u201caccess sensitive information, such as keystrokes in SSH sessions, from remote servers without local access.\u201d For now, the only way to defend against these attacks is to disable DDIO, but the researchers say that disabling RDMA can also help those who do not want to give up DDIO on their servers.<\/p>\n<p>Intel said in the bulletin that Xeon users should \u201cblock direct access from untrusted networks\u201d and \u201cuse software modules resistant to timing attacks.\u201d 
The Vrije Universiteit researchers, however, say that these software modules will not provide a real defense against NetCAT but would, in theory, help against similar attacks in the future.<\/p>\n<p>The university researchers also received a bounty for reporting the NetCAT vulnerability to Intel and the Dutch National Cyber Security Centre on June 23, but the amount of the reward was not disclosed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers from Vrije Universiteit in Amsterdam stated on Wednesday that Intel\u2019s server-class processors have a vulnerability they have named NetCAT &#8230;<\/p>\n","protected":false},"author":1,"featured_media":9438,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[851],"tags":[2117],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/9437"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9437"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/9437\/revisions"}],"predecessor-version":[{"id":9439,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/9437\/revisions\/9439"}],"wp:fea
turedmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/9438"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9437"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9437"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9437"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}