Ghost Vulnerability Exposes Domestic Processors: The Future of Chinese Chips

In 2018, security researchers discovered serious vulnerabilities in Intel’s Sandy Bridge, Ivy Bridge, Haswell, Broadwell, Skylake, Kaby Lake, and Coffee Lake. According to a foreign paper, all Intel CPUs since 1995, except the Itanium which Intel has abandoned, could be affected.

This vulnerability is the infamous “Ghost” vulnerability, which could allow malicious scripts to read kernel memory directly and steal sensitive information. Hackers can easily hijack users’ computers using this vulnerability. Subsequently, Google issued a vulnerability warning to Intel, and many foreign media began reporting on the significant vulnerabilities in Intel CPUs. Intel’s stock price subsequently fell, and Intel CEO Brian Krzanich sold a large amount of Intel stock.


As Intel’s long-time rival, AMD took the opportunity to showcase itself, claiming that its CPUs were not affected by this vulnerability, which led to a rise in AMD’s stock price. This move may have angered Intel, which retaliated by stating that AMD and ARM CPUs were also affected by the vulnerability.
Later, Google issued a statement indicating that processors produced by AMD and ARM were also vulnerable to attacks. Meanwhile, Daniel Gruss, one of the co-discoverers of the “Ghost” vulnerability, stated that he successfully simulated an attack using the “Ghost” vulnerability code based on AMD processors.
The back-and-forth between Intel and AMD dragged ARM into the fray, with ARM stating that its Cortex A series processors, primarily targeting smartphones, were also severely affected. Not only were the Cortex A series processors affected, but some deeply customized processors based on ARM’s architecture were also impacted.
ARM publicly stated that Apple’s A4 processor, which is a deeply customized version of the Cortex A8, contains much of ARM’s original design and is therefore also affected by this vulnerability. Similarly, the Apple A5 series processors, which are heavily based on the Cortex A9, and the Apple A6 series processors, based on the Cortex A15, are also vulnerable. Products such as iPhones, iPads, iPods, and Apple TVs that use these processors are similarly affected.

Two Years Later, Domestic Processors Encounter the “Ghost” Again

Although more than two years have passed since the discovery of the “Ghost” vulnerability, it has still been found in Kunpeng and Feiteng CPUs. Considering that more than two years have passed, Kunpeng and Feiteng had ample time to patch the vulnerabilities. Moreover, Kunpeng was launched in 2019, after the “Ghost” vulnerability was discovered. It is surprising that Kunpeng did not implement targeted prevention measures, and the CPU still has the “Ghost” vulnerability, which is quite unacceptable.


The reason for this situation is fundamentally related to the technical capabilities of Kunpeng and Feiteng.
After the vulnerability was exposed, Intel collaborated with partners to quickly patch the issue. Furthermore, in Intel’s latest press release, Microsoft, Amazon, and Google all stated that the impact was minimal after updates, far less severe than some media reports suggesting a 30% performance loss. This is because Intel possesses core CPU technologies and has strong research and development capabilities. Despite the fact that more than two years have passed since the discovery of the “Ghost” vulnerability, Kunpeng and Feiteng CPUs have still not made targeted improvements, raising questions about their independent research capabilities.
Both Kunpeng and Feiteng CPUs face the issue of “false independence”: although Kunpeng CPUs have undergone multiple iterations on paper, the Hi1610 and Hi1612 are both Cortex A57, while the Hi1616 is Cortex A72. The Kunpeng 920 has no technological lineage connecting it to the earlier Hi1616 and Hi1612. The Feiteng CPU, while appearing to have undergone multiple iterations, is essentially just a patched version of the 66X series core, remaining the same generation of core.
Apple’s A4, A5, and A6 processors borrowed from the Cortex A8, Cortex A9, and Cortex A15, respectively, leading to their vulnerability to the “Ghost” issue. The Kunpeng 920’s CPU core and the Feiteng CPU core are likely similar to Apple’s, both borrowing from ARM’s public core. Since they are based on public versions, they also inherited the “Ghost” vulnerability.

“Ghost” Vulnerability Reflects the Severe Lack of Core Technology in Domestic Processors

Many self-proclaimed independent CPUs have been defeated by a two-year-old vulnerability, highlighting that domestic processor research and development teams still lack critical design capabilities. Without the ability to identify and patch known vulnerabilities, they are merely reselling others’ designs in the chip field, only at a higher-end level and in a less visible way.
Chip design cannot afford any shortcuts; it requires mastery of core technologies from the instruction set level. The current open-source instruction set RISC-V presents a path for domestic chip development. As an open-source instruction set, RISC-V is an opportunity, reshaping the industry using a strategy of open-source hardware and software in a market that is still a blank slate in terms of technology.
With the open-source technological path, more manufacturers can participate in the chip R&D and design processes, ensuring that every line of code undergoes scrutiny by numerous individuals, making backdoors and vulnerabilities harder to hide.
Seizing the opportunity to reshape industry discourse, domestic chip manufacturers are also starting to move. GigaDevice this year mass-produced a new version of the GD32 microprocessor based on the RISC-V instruction set, while T-head Technology has open-sourced all hardware and software implementations of the Lingang 800 on GitHub, both reflecting domestic manufacturers’ competition for new opportunities.
