Starbleed bug impacts FPGA chips used in data centers, IoT devices, industrial equipment


A team of academics says they’ve discovered a new security bug that impacts Xilinx FPGA (Field Programmable Gate Arrays) chipsets.

Named Starbleed, the bug allows attackers — with both physical or remote access — to extract and tamper with an FGPA’s bitstream (configuration file) to reprogram the chip with malicious code.

FPGAs are add-in cards that can be added to a computer system, (such as a regular desktop, a high-performance server) or can be used as standalone systems. They are small integrated circuit boards designed to run very specific code that is programmed inside the FPGA by the device owner based on their own needs.

While once looked upon as an amateur branch of computer programming, FPGAs now account for a huge market, due to the increasing use.

Read more…
Source: ZDNet