November 29, 2022

TheCyberThrone

Thinking Security ! Always

Intel Releases Vulnerability Report For 2021

Intel has just released a product security report for 2021 detailing the number of bugs that were found in its hardware during the course of last year in GPU and processors. Intel, it has encountered around 50% fewer bugs than AMD, and nearly half of its GPU vulnerabilities come from AMD components.

Advertisements

Intel’s report is comprehensive and talks about not just the raw numbers of discovered bugs, but also how they were discovered and categorized, as well as the sources of some of the vulnerabilities.

Intel says that a total of 16 processor security flaws were found in 2021. Six of these were found by external researchers as part of Intel’s bug bounty program and 10 were discovered by Intel itself. This puts it in a better position than AMD processors, which encountered 31 bugs over the course of the year, or about 50% more than Intel.

Things are looking a bit worse when it comes to Intel GPUs. Of course, most of these are integrated graphics from Intel Xe DG1 graphics, Intel hasn’t had any other discrete graphics cards in 2022. This will change with the upcoming release of Intel Arc Alchemist.

In the GPU section, Intel reports a total of 51 vulnerabilities, of which 15 were found internally and 36 were discovered thanks to Intel’s bounty initiative. AMD had only had 27 reported graphics bugs in 2021, so in theory, that puts AMD ahead of Intel by a large margin.

Out of the 51 bugs found within Intel graphics, the company claims that 23 were caused by AMD components, namely the Radeon RX Vega M graphics chip found within some Intel Kaby Lake-G processors. The vulnerabilities found within the AMD graphics still have to classify as Intel bugs due to being part of Intel’s own chip, but they seem to not have been caused directly by Intel hardware.

Intel has also reported that its own research accounts for 50% of the discovered vulnerability, while 43% were caught by external researchers through the bounty program and 7% were found from organizations and projects that cannot benefit from Intel’s bug hunting project.

Advertisements

The company seems eager to continue expanding the bug bounty initiative, It has announced Project Circuit Breaker which is essentially a major extension of the already existing program. Intel will invite researchers to hacking events in order to find vulnerabilities. It also plans to provide them with early access to its software and hardware.

%d bloggers like this: