Security
Engage with our experts on security topics
74 Discussions

Chips & Salsa Episode 12 - March 2022 Security Advisories

IPAS_Security
Employee
0 0 1,929

Hi everyone, 

Today we published 2 security advisories addressing 3 CVEs.  In support of INTEL-SA-00598, we also published a technical paper entitled “Branch History Injection and Intra-mode Branch Target Injection: Overview and Mitigation Recommendat...“. It is important to note that the primary mitigation recommendation described was already the default for most Linux distributions. Intel worked with the Linux community to add the ability to disable unprivileged eBPF to the upstream Linux kernel starting with version 5.16. It has also been backported to earlier versions. 

To help get a better understanding of the issues addressed in INTEL-SA-00598, in the Chips & Salsa video below, CRob and I talk to Intel subject matter experts Jason Brandt, who is an Intel CPU Architect, and Alyssa Milburn, who is an offensive security researcher on the Intel STORM team: 

 
 
For the complete list of today’s advisories, please visit our security center. 

Regards, 

Jerry Bryant 
Sr. Director 
Intel Product Assurance and Security 

About the Author
Intel Product Assurance and Security (IPAS) is designed to serve as a security center of excellence – a sort of mission control – that looks across all of Intel. Beyond addressing the security issues of today, we are looking longer-term at the evolving threat landscape and continuously improving product security in the years ahead.