19/08/2018

Foreshadow Attacks: 3 New Intel CPU Side-Channel Flaws Discovered

While the chip-making giant is still dealing with the Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks.

Dubbed Foreshadow, alternatively called L1 Terminal Fault or L1TF, the new attacks include three new speculative execution side-channel vulnerabilities affecting Intel processors. The Foreshadow attacks could allow a hacker or malicious application to gain access to the sensitive data stored in a computer's memory or third-party clouds, including files, encryption keys, pictures, or passwords.

Since the mitigations available for Meltdown and Spectre are not sufficient to patch the Foreshadow vulnerabilities, Intel and partners need to roll out new security patches at both the software and microcode levels.

"Foreshadow is different from Meltdown as it targets virtual machines and SGX in addition to data stored in the operating system's kernel (which was targeted by Meltdown)," the researchers said.

The Foreshadow vulnerabilities have been categorized into two variants:

1.) Foreshadow targets a technology originally designed to protect select code and users' data from disclosure or modification, even if the entire system falls under attack: Intel Software Guard Extensions (SGX), CVE-2018-3615.

The new attack against SGX enclaves, which is resilient to Meltdown and Spectre attacks, may allow an unauthorized attacker to steal information residing in the L1 data cache (a protected portion of a chip's core memory that holds things like passwords and encryption keys) via side-channel analysis.

"Foreshadow enables an attacker to extract SGX sealing keys, previously sealed data can be modified and re-sealed," the researchers said. "With the extracted sealing key, an attacker can trivially calculate a valid Message Authentication Code (MAC), thus depriving the data owner from the ability to detect the modification."

2.) Foreshadow: Next Generation (NG). The second variant includes two vulnerabilities, which target virtualization environments being used by large cloud computing providers like Amazon and Microsoft:

   - Operating systems and System Management Mode (SMM): CVE-2018-3620
   - Virtualization software and Virtual Machine Monitors (VMM): CVE-2018-3646

These flaws also disclose sensitive information residing in the L1 data cache, including the information stored in other virtual machines running on the same third-party cloud, with local user access or guest OS privilege via a terminal page fault and side-channel analysis.

"Using Foreshadow-NG, a malicious program running on the computer might be able to read some parts of the kernel's data," the researchers said. "As the kernel has access to data stored by other programs, a malicious program might be able to exploit Foreshadow-NG to access data belonging to other programs."
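A defender's check for the software-level patches mentioned above, as an added example that is not part of the original article: on Linux (an assumption, the article names no operating system) the kernel reports its L1TF status in /sys/devices/system/cpu/vulnerabilities/l1tf, and this script classifies that string. The function names are hypothetical and the sample strings are constructed in the kernel's reporting format.

```shell
#!/bin/sh
# Added example (not from the article). Assumes a Linux kernel that exposes
# its L1TF/Foreshadow status in sysfs; function names are hypothetical.
L1TF_SYSFS=/sys/devices/system/cpu/vulnerabilities/l1tf

# classify_l1tf STATUS prints: not-affected | mitigated | vulnerable |
# partial:<reason> | unknown
classify_l1tf() {
    status=$1
    case $status in
        "Not affected"*) echo "not-affected"; return 0 ;;
        "Vulnerable"*)   echo "vulnerable";   return 0 ;;
        "Mitigation: PTE Inversion"*) ;;  # OS-level fix (CVE-2018-3620) active
        *) echo "unknown"; return 0 ;;
    esac
    # A "VMX:" suffix describes protection of the host against guests
    # (CVE-2018-3646): L1D flush on VM entry and sibling-thread (SMT) state.
    case $status in
        *"VMX: vulnerable"*) echo "partial:no-l1d-flush" ;;
        *"SMT vulnerable"*)  echo "partial:smt-enabled" ;;
        *)                   echo "mitigated" ;;
    esac
}

# State of this host; "unknown" when the kernel predates the sysfs file.
l1tf_host_state() {
    if [ -r "$L1TF_SYSFS" ]; then
        classify_l1tf "$(cat "$L1TF_SYSFS")"
    else
        echo "unknown"
    fi
}

# Constructed sample strings in the kernel's reporting format.
for sample in \
    "Not affected" \
    "Vulnerable" \
    "Mitigation: PTE Inversion" \
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable" \
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled" \
    "Mitigation: PTE Inversion; VMX: vulnerable"
do
    printf '%-22s <- %s\n' "$(classify_l1tf "$sample")" "$sample"
done
printf 'this host: %s\n' "$(l1tf_host_state)"
```

A "partial" result on a virtualization host means the operating-system fix is in place but guests are not fully isolated until L1D flushing is enabled or SMT is addressed.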

You can see video demonstrations illustrating the Foreshadow vulnerabilities as well.

https://thehackernews.com/2018/08/foreshadow-intel-processor-vulnerability.html

1 comment :

  1. Anonymous, 19/8/18 21:15

    WHEN IT ''WRAPS BACK AROUND'' '<0xFF = 11111111> IT MEANS THAT IT HAS AN OVERFLOW ERROR. WITH A COPY OF THE CACHE MEMORY AND ITS REPLACEMENT AT ANOTHER POINT IN IT, IT LOGICALLY GIVES YOU 0x00.

    -ΔΗΜΗΤΡΑ-
