<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=645174729237247&amp;ev=PageView&amp;noscript=1">
We are updating the structure and design of KernelCare blog for your convenience. Today, you may experience some text formatting inconvenience which will be fixed shortly.

Intel DDIO 'NetCat' Vulnerability Report

netcat

Update from 09/19/2019:
After investigating the reported CVE, we figure out that it is a pure hardware issue and there will be no patches for this vulnerability.

We'd like to let you know that we're aware of the latest NetCat vulnerability report (CVE-2019-11184) for Intel processors. This vulnerability relies on Intel's Data Direct IO (DDIO) technology, a performance-enhancing feature that allows network devices access to the CPU cache data. The researchers found they could use Intel's Remote Direct Memory Access feature (RDMA) and statistical analysis of packet data to reveal shared cache data.

Our team is watching this issue and preparing for further upstream developments. We'll post more information when we have it. Watch this blog or our twitter feed @KernelCare.

Read more:

About KernelCare

KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It's used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at sales@kernelcare.com.

Intel DDIO 'NetCat' Vulnerability Report

netcat

Update from 09/19/2019:
After investigating the reported CVE, we figure out that it is a pure hardware issue and there will be no patches for this vulnerability.

We'd like to let you know that we're aware of the latest NetCat vulnerability report (CVE-2019-11184) for Intel processors. This vulnerability relies on Intel's Data Direct IO (DDIO) technology, a performance-enhancing feature that allows network devices access to the CPU cache data. The researchers found they could use Intel's Remote Direct Memory Access feature (RDMA) and statistical analysis of packet data to reveal shared cache data.

Our team is watching this issue and preparing for further upstream developments. We'll post more information when we have it. Watch this blog or our twitter feed @KernelCare.

Read more:

About KernelCare

KernelCare is a live patching system that patches Linux kernel vulnerabilities automatically, with no reboots. It's used on over 300,000 servers, and has been used to patch servers running for 6+ years. It works with all major Linux distributions, such as RHEL, CentOS, Amazon Linux, and Ubuntu. It also interoperates with common vulnerability scanners such as Nessus, Tenable, Rapid7, and Qualys. To talk with a consultant about how KernelCare might meet your enterprise’s specific needs, contact us directly at sales@kernelcare.com.