A major security vulnerability has been discovered in Intel’s modern processor designs, and working around it requires some invasive OS updates. Unfortunately, the current fix can tank CPU performance by up to 49%... thankfully, though, not for us gamers.
This newly-discovered bug is more likely a danger to systems running multiple virtual machines (VMs). A big data, server-scale problem, mostly. While this security flaw is an issue in itself, the patch that has been sneaked into the Linux kernel over the past few weeks is causing significant headaches for Intel as well, as it can slow CPU performance in a server environment.
The full details of the vulnerability have not yet been released, but it is understood to effectively allow a process to exploit the hardware bug and gain easy access to the OS kernel’s virtual memory space. The fear for the big server guys is that one virtual machine could be used to gain access and write to the other VMs on the same system, effectively opening the door to all sorts of security breaching shenanigans - especially deadly for massive cloud data centres running thousands of VMs.
There is a fix, but you may not like it. The solution involves page table isolation (PTI), which affects virtual memory. This solution also causes a massive performance hit for certain tasks on Intel CPUs, ranging from 5 to 30% across multiple processor generations. So far it is mostly synthetic I/O benchmarks that show a large slowdown post-patch, while many applications, including games, were seemingly unaffected.
The fix has been sneaked into Linux and a Windows version is on the way. Although the bug supposedly affects all x86 processors, AMD employee Thomas Lendacky says the red team’s processors do not have the same vulnerabilities.
“AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” Lendacky states. “The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.”
But what about Intel gamers? Well, if you are on Linux and you don’t care too much about the vulnerability, you can simply disable PTI post-patch and regain any lost performance. This also works for AMD systems that have been patched, as they are being ‘fixed’ regardless of whether these processors actually require the security fix or not. In tests, AMD’s EPYC chips have been shown to drop up to 49% in CPU performance when using the PTI workaround in the latest Linux kernel update.
According to Phoronix, however, gamers need not worry about performance dropping by any considerable delta. It seems that most gaming benchmarks are within the margin of error between patches.
The Windows patch will potentially affect the majority of gamers, however, so it will be important to see how benchmarks shake out once any related Windows update lands on our systems. For the time being, it seemingly won’t affect Linux gaming systems too much, and this performance impact should be removed again once a more suitable workaround has been implemented.
Intel, however, face larger security and trust issues as this may cause major disruption to their cloud server partners, including major clients such as Google, Microsoft Azure, and Amazon Web Services.
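Because PTI can be switched off on Linux after patching, as described above, anyone running a fleet will want to know which machines are actually protected. The following is an added example, not part of the original article: the function names and state labels are made up for illustration, and it assumes a kernel that accepts the `nopti`, `pti=off` or `mitigations=off` boot parameters and, on newer releases, reports its state in `/sys/devices/system/cpu/vulnerabilities/meltdown`.

```shell
#!/bin/sh
# Added example (not from the article): report whether PTI protects a host.
#   $1 = kernel command line, as found in /proc/cmdline
#   $2 = text of /sys/devices/system/cpu/vulnerabilities/meltdown
#        (pass "" on kernels that predate this file)
pti_status() {
    disable_requested=no
    # Boot parameters that turn PTI off.
    for arg in $1; do
        case $arg in
            nopti|pti=off|mitigations=off) disable_requested=yes ;;
        esac
    done

    case $2 in
        "Not affected"*)    echo not-affected ;;   # CPU does not need PTI
        "Mitigation: PTI"*) echo mitigated ;;      # PTI is active
        *)
            if [ "$disable_requested" = yes ]; then
                echo disabled-by-cmdline           # someone opted out at boot
            elif [ -n "$2" ] && [ "${2#Vulnerable}" != "$2" ]; then
                echo vulnerable                    # unpatched or PTI unavailable
            else
                echo unknown                       # old kernel, no state exposed
            fi ;;
    esac
}

# Audit the running host; returns non-zero when PTI is needed but not active.
audit_host() {
    cmdline=$(cat /proc/cmdline 2>/dev/null)
    sysfs=$(cat /sys/devices/system/cpu/vulnerabilities/meltdown 2>/dev/null)
    state=$(pti_status "$cmdline" "$sysfs")
    echo "PTI state: $state"
    case $state in
        mitigated|not-affected) return 0 ;;
        *) return 1 ;;
    esac
}

# Run the audit only when asked, so the file can also be sourced as a library.
if [ "${1:-}" = "--audit" ]; then
    audit_host
fi
```

Run it with `--audit` from a configuration-management check and alert on a non-zero exit; a `disabled-by-cmdline` result on a multi-tenant server is the case the article warns about.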