Intel’s server-grade processors are affected by a vulnerability that researchers have dubbed NetCAT. The researchers at Vrije University in Amsterdam revealed the vulnerability on Wednesday. It enables a side-channel attack that can infer what a CPU is working on, and it is said to rely on issues with two Intel technologies found primarily in the Xeon CPU line: Data-Direct I/O Technology (DDIO) and Remote Direct Memory Access (RDMA). According to the researchers:
“While NetCAT is powerful even with only minimal assumptions, we believe that we have merely scratched the surface of possibilities for network-based cache attacks, and we expect similar attacks based on NetCAT in the future,” the researchers, from the Vrije Universiteit Amsterdam and ETH Zurich, wrote in a paper published on Tuesday. “We hope that our efforts caution processor vendors against exposing microarchitectural elements to peripherals without a thorough security design to prevent abuse.”
NetCAT is a complex attack and is likely not low-hanging fruit for many attackers. In server settings with untrusted clients, where security matters more than performance, disabling DDIO has been recommended.