‘Kernel memory leaking’ Intel processor design flaw


A fundamental design flaw in Intel’s processor chips related to virtual memory system (Intel x86-64 hardware) allows normal user programs (even JavaScript in web browsers) to discern to some extent the layout or contents of protected kernel memory areas.

It is understood the bug is present in modern Intel processors produced in the past decade. It appears a microcode update can’t address it, so it has to be fixed in software at the OS level. This has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug, which is expected to cause 5 to 30 per cent slow down of your computer on next update!

Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday. Patches for the Linux kernel are available. Apple’s 64-bit macOS, will also need to be updated.

This is bad news for Intel. Last year they had AMT vulnerability remote exploit and now this new blow in Intel security. I don’t think that computer buyers like that their computers become slower! 

Details of the vulnerability within Intel’s silicon are under wraps and are expected to be released later this month – so follow the comments for updates.


  1. Tomi Engdahl says:

    Data-spewing Spectre chip flaws can’t be killed by software alone, Google boffins conclude
    While browsers have got their act together, any other apps interpreting user-supplied code need to be aware of this

    Google security researchers have analyzed the impact of the data-leaking Spectre vulnerabilities afflicting today’s processor cores, and concluded software alone cannot prevent exploitation.

    The Chocolate Factory brainiacs – Ross Mcilroy, Jaroslav Sevcik, Tobias Tebbi, Ben L. Titzer, Toon Verwaest – show that they can construct what’s dubbed a universal gadget to exploit the spectre gang of speculative-execution flaws present in various CPU families, allowing attacker-supplied code running in a thread to read all memory in the same address space.

    Threat or hype?

    Since there aren’t many other scenarios in which attacker-supplied code is interpreted in the same address space as other user-supplied code – web browsers spring to mind, chiefly – the Googlers’ research is largely academic, and not something to immediately panic over. However, if you’re developing software that interprets external code – such a cloud-based execution environment in which customers’ threads share the same process – this is something to be very much aware of.

    “We now believe that speculative vulnerabilities on today’s hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels,” the researchers say in a paper distributed through pre-print service ArXiv.

    Shortly after The Register first reported the Spectre and Meltdown bugs in January 2018, University of Michigan assistant professor of computer science Daniel Genkin, a co-author of the original Spectre research paper who was a postdoctoral student at the time, said as much: “We are currently not aware of effective countermeasures that will eliminate the root cause of Spectre, short of hardware redesign,” he told The Register last year.

    Spectre, as its name suggests, involves the exploitation of speculative execution, a feature of modern processors

    There are several Spectre variants but the basic problem is that chip designers traded security for speed. “Our models, our mental models, are wrong; we have been trading security for performance and complexity all along and didn’t know it,” the researchers observe.

    Variant 4, Speculative Aliasing Confusion, has no software solution that Google’s researchers could find. “Variant 4 defeats everything we could think of,” the researchers say.

    But that appears to be futile. “We argue that mitigating timing channels by manipulating timers is impossible, nonsensical, and in any case ultimately self-defeating,” the researchers say.

    Google’s boffins added defenses against Spectre into the V8 JavaScript virtual machine within the company’s Chrome browser and found the performance penalties frustrating because they slow things down without truly fixing the problem. “None of these mitigations provide comprehensive protection against Spectre, and so the mitigation space is a frustrating performance / protection trade-off,” they say.

    That’s why Google shifted its browser security focus to the aforementioned site isolation. But help has to come from hardware, too, in the form of better process isolation.

  2. Tomi Engdahl says:

    I’ve always thought that AMD was the bigger bang for the buck. Intel looks faster but… Well… Now that we’ve got Meltdown and Specter slowing Intel machines down more than AMDs it looks like that point is kinda blown.

  3. Tomi Engdahl says:

    Some AMD chips are better than some Intel chips, some intel chips are better than some AMD chips

  4. Tomi Engdahl says:

    Chips may be inherently vulnerable to Spectre and Meltdown attacks

    Most malware exploits coding errors and poor design. But Google security researchers say a fundamental flaw in the nature of computing could make some threats impossible to defeat.

    The Google team say the threat affects all chipmakers, including Intel, ARM, AMD, MIPS, IBM, and Oracle. “This class of flaws are deeper and more widely distributed than perhaps any security flaw in history, affecting billions of CPUs in production across all device classes,” say McIlroy and co.

    In the past, malware has tended to exploit poorly designed code and the errors it contains. These errors provide malicious actors with ways to disrupt calculations or access confidential information. So an important approach is to fix these errors with software patches before they can be exploited.

    But when the flaw is in the foundations of computer design, software patches offer meager protection. The challenge is that the very nature of computation allows information to leak via mechanisms called side channels.

    Computer scientists have always assumed that these commands can be separated in a way that guarantees confidentiality. The thinking is that some suitably advanced software ought to be able to marshal the commands in a way that keeps them separated.

    But the Google team’s key result is to show that this assumption is wrong. A processor cannot tell the difference between a good command and a malicious one—even in principle. So if a command tells it to send information to an area of the memory that can be easily accessed later, the machine obeys.

    It’s easy to imagine that this can be prevented with software that separates good commands from bad ones. But the Google team show that this just adds another layer of complexity to the challenge, along with a new set of potential side channels.

    To show the ubiquity of threat, the Google team constructed a “universal read gadget.” This is the ultimate eavesdropper—a routine that can read all addressable memory in a processor, unknown to the user.

    McIlroy and co created four variants of this gadget. “We developed proofs of concept in C++, JavaScript, and WebAssembly for all the reported vulnerabilities,” say the team. They found that these read gadgets leaked information at rates of up to 2.5 kilobytes per second.

    Variant 4 of the universal reading gadget is particularly worrying. McIlroy and co say they were unable to find an effective a way to combat it or reduce its threat. “We do not believe that variant 4 can be effectively mitigated in software,” they sa

    During the last year, Intel has redesigned its chips in attempt to mitigate the most serious threats from Spectre and Meltdown attacks. But this has reportedly come at the cost of a performance drop of up to 14%. And the modifications are unlikely to be fail-safe.

    One reason for Google’s concern is the threat to e-commerce. It’s not hard to imagine an attack that reveals the cryptographic keys used to secure transactions, thereby allowing large-scale theft.

    So the company has already shipped versions of Chrome with the first lines of defense. Releases 64 to 67 prevent attacks in the browser via JavaScript.

    But the threat goes much deeper.

    This complexity is itself part of the problem.

    There is a little good news, however. So far there are no known attacks that exploit Spectre or Meltdown. For the moment, the threat is confined to the labs of cybersecurity researchers

    But that provides little comfort to chip makers and security experts. It is not hard to imagine that malicious actors—including state-sponsored teams—might be developing ways to exploit this vulnerability. This is a problem, as McIlroy and co say, that “seems destined to haunt us for a long time.”

  5. Tomi Engdahl says:

    Microsoft rolls out Google’s Retpoline Spectre mitigation to Windows 10 users

    KB4482887, released today, enables Google’s Retpoline mitigation in the Windows 10 kernel (only for v1809 users).

  6. Tomi Engdahl says:

    Microsoft Rolls Out Spectre Variant 2 Mitigations for Windows 10

    Over the weekend, Microsoft started rolling out a new software update for Windows 10 devices to enable the Retpoline mitigations against Spectre attacks.

  7. Tomi Engdahl says:

    ‘This collaboration is absolutely critical going forward’… One positive thing about Meltdown CPU hole? At least it put aside tech rivalries…
    Execs, experts hope this cooperation continues to hold for the next big bug

    A panel of eggheads from Intel, the US government, and academia held court this week to figure how they can keep the likes of El Reg from spoiling their next major bug reveal.

    The group met at the Churchill Club in San Francisco to reflect on 2018′s big security story – the Spectre-Meltdown CPU flaws – and ponder how it could be better handled going forward. Although chip designers were alerted to the vulnerabilities around June 2017, and operating system developers soon after, an action plan for disclosure was still being formulated the week before they hoped to public on Tuesday, January 9, 2018. The Reg blew the lid off it on January 2, after hearing no response from vendors, forcing timetables to be torn up.

  8. Tomi Engdahl says:

    SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
    ‘Leakage … is visible in all Intel generations starting from first-gen Core CPUs

  9. Tomi Engdahl says:

    All Intel chips open to new Spoiler non-Spectre attack: Don’t expect a quick fix

    Researchers say Intel won’t be able to use a software mitigation to fully address the problem Spoiler exploits.

  10. Tomi Engdahl says:

    SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
    ‘Leakage … is visible in all Intel generations starting from first-gen Core CPUs’

    SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks

  11. Tomi Engdahl says:

    All Intel chips open to new Spoiler non-Spectre attack: Don’t expect a quick fix

    Researchers say Intel won’t be able to use a software mitigation to fully address the problem Spoiler exploits

  12. Tomi Engdahl says:

    All Intel chips open to new Spoiler non-Spectre attack: Don’t expect a quick fix

    Researchers say Intel won’t be able to use a software mitigation to fully address the problem Spoiler exploits.

    Researchers have discovered a new flaw affecting all Intel chips due to the way they carry out speculative execution for CPU performance gains.

    Like the Spectre and Meltdown attacks revealed in January 2018, Spoiler also abuses speculative execution in Intel chips to leak secrets.

    However, it targets a different area of the processor called the Memory Order Buffer, which is used to manage memory operations and is tightly coupled with the cache.


  13. Tomi Engdahl says:

    Spectre, Meltdown and More: What You Need to Know About Hardware Vulnerabilities

    The “2019 IBM X-Force Threat Intelligence Index” highlighted a paradigm shift sparked by a new era of hardware security challenges. The exposure of critical hardware vulnerabilities that affected almost every endpoint built in the past 20 years forced enterprises and the security community to rethink the way they approach hardware security and its impact on the business.

    Since the release of the Spectre/Meltdown vulnerabilities in January 2018, researchers have been uncovering new potential impacts while threat actors search for ways to exploit these significant hardware vulnerabilities and launch attacks on affected systems. The benefits of determining valid attack vectors are significant, since many organizations have struggled to effectively address Spectre and Meltdown.

    The Paradigm Shift Catalyst: Spectre and Meltdown

    Spectre and Meltdown leverage “speculative execution” to gain access to sensitive data

  14. Tomi Engdahl says:

    SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
    ‘Leakage … is visible in all Intel generations starting from first-gen Core CPUs’

  15. Tomi Engdahl says:

    SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks

  16. Tomi Engdahl says:

    Ignore the noise about a scary hidden backdoor in Intel processors: It’s a fascinating debug port
    VISA: It’s everywhere (on the system bus) you want to be

    Researchers at the Black Hat Asia conference this week disclosed a previously unknown way to tap into the inner workings of Intel’s chip hardware.

    The duo of Mark Ermolov and Maxim Goryachy from Positive Technologies explained how a secret Chipzilla system known as Visualization of Internal Signals Architecture (VISA) allows folks to peek inside the hidden workings and mechanisms of their CPU chipsets – capturing the traffic of individual signals and snapshots of the chip’s internal architecture in real time – without any special equipment.

    To be clear, this hidden debug access is not really a security vulnerability. To utilize the channel, you must exploit a 2017 elevation-of-privilege vulnerability, or one similar to it

  17. Tomi Engdahl says:

    Ignore the noise about a scary hidden backdoor in Intel processors: It’s a fascinating debug port
    VISA: It’s everywhere (on the system bus) you want to be
    - this hidden debug access is not really a security vulnerability. To utilize the channel, you must exploit a 2017 elevation-of-privilege vulnerability, or one similar to it

  18. Tomi Engdahl says:

    Intel and AMD may never make a CPU we can fully trust, but others might

    Intel and AMD may never make a CPU we can fully trust, but others might
    By Jon Martindale — Posted on April 6, 2019 1:00AM PST
    Spectre Meltdown

    Remember the Spectre and Meltdown security exploits from last year? Intel and AMD really hopes you don’t. Despite what they want you to believe, these speculative execution exploits aren’t going away, at least not with the solutions proposed so far.

    Instead of trying to fix each variant that comes along, a permanent fix will require a fundamental change to how CPUs are designed. The proposition? A “secure core” that make ensure your data stays safe from attackers, no matter what bugs they might try to exploit.

    It might not be the route these large processor companies want to take, but it might be the only one that actually works.

    “It’s hard in security if you’re always being reactive, having to wait for security vulnerabilities and then fixing them”

    “We’ve defined something called a PSA (platform security architecture) root of trust with some essential security functions built in like cryptography, secure boot, secure storage; Every IOT device will need these,” Coobs explained to Digital Trends.

  19. Tomi Engdahl says:

    Intel finally issues Spoiler attack alert: Now non-Spectre exploit gets CVE but no patch

    No patch for Spoiler attack affecting all Intel chips, but a security advisory gives it an official CVE identifier.

    Intel has finally posted an official security advisory in response to the recently revealed Spoiler attack, which uses a weakness in Intel CPUs to enhance already known attacks that leak secrets from memory.

    Researchers from Worcester Polytechnic Institute, Massachusetts, and the University of Lübeck in north Germany in March drew attention to a weakness in Intel’s proprietary memory subsystem that affects Intel CPUs all the way back to its 1st generation Intel Core processors, regardless of the operating system.

    Intel has now assigned the vulnerability identifier CVE-2019-0162 to Spoiler and given it a CVSS severity score of 3.8 out of a possible 10. The ‘low’ severity rating is likely because an attacker would need to be authenticated and have local access to the hardware, while existing mitigations further reduce risks.


  20. Tomi Engdahl says:

    How Intel wants to backdoor every computer in the world | Intel Management Engine explained

    Intel embeds Management Engine into all of its computers since 2008. Intel Management Engine has been criticized for its security risks and has been called a backdoor with rootkit possibilities by many security experts and researchers.

    This is Intel Management Engine. A subsystem microprocessor that’s operating inside every Intel CPU platform made from 2008 onward.
    Despite its name and some basic functions, we don’t know anything about what Intel Management really does.

    Intel Management Engine is a computer within a computer. It is running it’s own operating system, called Minix, and is installed by default on every modern computer with an Intel CPU. This probably makes Minix the most widely used operating system in the world.

  21. Tomi Engdahl says:

    New secret-spilling flaw affects almost every Intel chip since 2011

    Security researchers have found a new class of vulnerabilities in Intel chips which, if exploited, can be used to steal sensitive information directly from the processor.,
    The bugs are reminiscent of Meltdown and Spectre

    “ZombieLoad,” as it’s called, is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than injecting malicious code. Intel said ZombieLoad is made up of four bugs, which the researchers reported to the chip maker just a month ago.

    Almost every computer with an Intel chips dating back to 2011 are affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable like earlier side-channel attacks.

    ZombieLoad takes its name from a “zombie load,” an amount of data that the processor can’t understand or properly process, forcing the processor to ask for help from the processor’s microcode to prevent a crash. Apps are usually only able to see their own data, but this bug allows that data to bleed across those boundary walls. ZombieLoad will leak any data currently loaded by the processor’s core, the researchers said. Intel said patches to the microcode will help clear the processor’s buffers, preventing data from being read.

    the researchers showed in a proof-of-concept video

    Like Meltdown and Spectre, it’s not just PCs and laptops affected by ZombieLoad — the cloud is also vulnerable. ZombieLoad can be triggered in virtual machines, which are meant to be isolated from other virtual systems and their host device.

    Although no attacks have been publicly reported, the researchers couldn’t rule them out nor would any attack necessarily leave a trace, they said.
    What does this mean for the average user? There’s no need to panic, for one.
    These are far from drive-by exploits where an attacker can take over your computer in an instant. Gruss said it was “easier than Spectre” but “more difficult than Meltdown” to exploit — and both required a specific set of skills and effort to use in an attack.

    But if exploit code was compiled in an app or delivered as malware, “we can run an attack,” he said.

    ntel has released microcode to patch vulnerable processors, including Intel Xeon, Intel Broadwell, Sandy Bridge, Skylake and Haswell chips. Intel Kaby Lake, Coffee Lake, Whiskey Lake and Cascade Lake chips are also affected, as well as all Atom and Knights processors.

    Computer makers Apple and Microsoft and browser makers Google have released patches, with other companies expected to follow.

    Intel’s technical note on the issue


  22. Tomi Engdahl says:

    New Intel security flaws could slow some chips by nearly 20%

    Intel Corp and a group of security researchers on Tuesday said they had found a new set of security flaws in its processors that will be difficult to fix and are related to problems found last year.

    Intel calls the newly discovered flaws “Microarchitectural Data Sampling,” or MDS for short. The vulnerability could let hackers read nearly all data flowing through one of Intel’s chips, though the company said the attack is difficult to carry out and that it has not seen it used outside of labs.

  23. Tomi Engdahl says:

    Download this security patch now if your PC is powered by Intel

    MDS was discovered by a wide range of researchers from security firms like Bitdefender, Cyberus, Oracle, and Qihoo360 as well as academic institutions like the University of Michigan, Vrije Universiteit Amsterdam, KU Leuven in Belgium, Austria’s TU Graz, University of Adelaide, Worcester Polytechnic Institute, and Germany’s Saarland University.

    “Academics have discovered four such MDS attacks, targeting store buffers (CVE-2018-12126 aka Fallout), load buffers (CVE-2018-12127), line fill buffers (CVE-2018-12130, aka the Zombieload attack, or RIDL), and uncacheable memory (CVE-2019-11091) — with Zombieload being the most dangerous of all because it can retrieve more information than the others,” ZDNet reported. Some of the attacks, researchers cautioned, could even require hardware changes to the chips to mitigate. Intel claims that some of its chips released within the last month already ship with a fix.

  24. Tomi Engdahl says:

    MDS – Microarchitectural Data Sampling – CVE-2018-12130, CVE-2018-12126, CVE-2018-12127, and CVE-2019-11091

    Four new microprocessor flaws have been discovered, the most severe of which is rated by Red Hat Product Security as having an Important impact. These flaws, if exploited by an attacker with local shell access to a system, could allow data in the CPU’s cache to be exposed to unauthorized processes. While difficult to execute, a skilled attacker could use these flaws to read memory from a virtual or containerized instance, or the underlying host system. Red Hat has mitigations prepared for affected systems and has detailed steps customers should take as they evaluate their exposure risk and formulate their response.

  25. Tomi Engdahl says:

    RIP Hyper-Threading? ChromeOS axes key Intel CPU feature over data-leak flaws – Microsoft, Apple suggest snub
    Plug pulled on SMT tech as software makers put security ahead of performance

    n conjunction with Intel’s coordinated disclosure today about a family of security vulnerabilities discovered in millions of its processors, Google has turned off Hyper-Threading in Chrome OS to fully protect its users.

    Meanwhile, Apple, Microsoft, IBM’s Red Hat, QubesOS, and Xen advised customers that they may wish to take similar steps.

    The family of flaws are dubbed microarchitecture data sampling (MDS), and Chipzilla’s official advisory is here, along with the necessary microcode updates to mitigate the data-leaking vulnerabilities and list of affected products. Installing these fixes and disabling Intel’s Hyper-Threading feature is a sure fire way to kill off the bugs, though there may be a performance hit as a result.

  26. Tomi Engdahl says:

    Buffer the Intel flayer: Chipzilla, Microsoft, Linux world, etc emit fixes for yet more data-leaking processor flaws
    Intel CPUs dating back a decade are vulnerable to latest cousin of Spectre

    Intel on Tuesday plans to release a set of processor microcode fixes, in conjunction with operating system and hypervisor patches from vendors like Microsoft and those distributing Linux and BSD code, to address a novel set of side-channel attacks that allow microarchitecture data sampling (MDS).

    Intel’s patch dump coincides with the expected release of research papers by computer scientists – summarized at cpu.fail and zombieloadattack.com – detailing how the vulnerabilities arise from speculative execution – a shortcut taken by modern processors to execute software instructions before they’re needed that has opened new avenues of attack. The vulnerabilities appear to be limited to Intel hardware; the researchers say they were unable to replicate any of their attack primitives on Arm or AMD-designed processors.

    Chipzilla maintains the vulnerabilities being disclosed today are difficult to exploit outside of a laboratory environment.

    MDS describes a way to sample snippets of data as opposed to grabbing it all at once; it’s more like eavesdropping on privileged communications than cracking a safe. As a result, it’s not easy to target specific data or differentiate valuable information from background noise.

  27. Tomi Engdahl says:

    Intel MDS Vulnerabilities: What You Need to Know

    Tech giants have published security advisories and blog posts in response to the Microarchitectural Data Sampling (MDS) vulnerabilities affecting most Intel processors made in the last decade.

    Researchers named the new attack methods ZombieLoad, RIDL (Rogue In-Flight Data Load), Fallout, and Store-to-Leak Forwarding. Intel has assigned them the following names and CVEs: Microarchitectural Fill Buffer Data Sampling (MFBDS, CVE-2018-12130), Microarchitectural Store Buffer Data Sampling (MSBDS, CVE-2018-12126), Microarchitectural Load Port Data Sampling (MLPDS, CVE-2018-12127), and Microarchitectural Data Sampling Uncacheable Memory (MDSUM, CVE-2018-11091).

    The attack methods pose a threat to both PCs and cloud environments, and they allow hackers to get applications, the operating system, virtual machines and trusted execution environments to leak information, including passwords, website content, disk encryption keys and browser history. Attacks can be launched both by a piece of malware present on the targeted system and from the internet.

    However, Intel says exploitation in a real-world attack is not an easy task and the attacker may not be able to obtain valuable information even if the exploit is successful.

  28. Tomi Engdahl says:

    New security flaws have been found in Intel chips—this is what you need to do right now – MIT Technology Review

  29. Tomi Engdahl says:

    CVE-2019-11815: RCE in Linux Kernel Prior to 5.0.8

    Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.
    Attackers could exploit the security flaw found in Linux kernel’s rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to trigger denial-of-service (DoS) states and to execute code remotely on vulnerable Linux machines.

    Details: https://vuldb.com/?id.134492
    Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cb66ddd156203daefb8d71158036b27b0e2caf63

  30. Tomi Engdahl says:

    Can The Hardware Supply Chain Remain Secure?

    The growing number of threats are cause for concern, but is it really possible to slip malicious code into a chip?

    Last year saw two significant incidents that shook people’s faith in the integrity of hardware security. The first was the Meltdown/Spectre flaws found in x86 and Arm processors, to varying degrees. Intel was hit the hardest because of its heavy use of speculative execution, Arm not so much, and different Arm SoCs had varying levels of exposure.

    Software fixes were issued, at the cost of performance. And with its recently-introduced Xeon Scalable processors, Intel has fixed the problem in silicon.

    The second was an October story by Bloomberg that motherboards sold by U.S. ODM Super Micro had tiny chips embedded in them to steal information

  31. Tomi Engdahl says:

    Apple, Amazon, Google, Microsoft and Mozilla release patches for ZombieLoad chip flaws

  32. Tomi Engdahl says:

    Deep Dive: Intel Analysis of Microarchitectural Data Sampling

    This technical deep dive expands on the information in the Microarchitectural Data Sampling (MDS) guidance. Be sure to review the disclosure overview for software developers first and apply any microcode updates from your OS vendor.

  33. Tomi Engdahl says:

    ZombieLoad: How Intel’s Latest Side Channel Bug Was Discovered and Disclosed

    Daniel Gruss, the researcher behind Spectre, Meltdown – and most recently, ZombieLoad – Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.

    The release of a new speculative execution vulnerability called ZombieLoad last week follows a similar disclosure path as Meltdown and Spectre. Threatpost caught up with one of the researchers behind the discovery of ZombieLoad to find out how.

    ZombieLoad was discovered and reported by Michael Schwarz, Moritz Lipp and Daniel Gruss from the Graz University of Technology (known for their previous discoveries of similar attacks, including Meltdown). Gruss sat down with Threatpost to share the story behind ZombieLoad

    For Meltdown, this was something where we saw it is something really dangerous. It has a huge impact right now, but as soon as we have fixed it, it’s not a problem anymore.

    With Zombieload, it’s a bit different. It’s not a spectre, so it’s not something that will haunt us and it’s also not a meltdown, which is a very, very significant, imminent threat. But the Zombieload is rather something that you suddenly discover maybe in a cellar, maybe some loads rising from their graves. Also, it’s difficult to kill. It’s much more difficult to kill than the Meltdown attacks.

    This is why we call it the Zombieload, because it runs a bit headless around and loads data that it shouldn’t load and provides it to us then.

    DG: I can reach a bit back there and include the discovery of Meltdown as well. In 2016, early 2016…

    Someone else also discovered that, Anders Fogh. He blogged about it and then we decided to write a paper together. We submitted this paper to Black Hat and to the CCS, ACM CCS Conference in 2016.

    We presented this together at Black Hat, USA, and there I shared a room with Anders because it’s cheaper to share a room.

    We were wondering if you don’t do this with a prefetch instruction, but with regular memory access instructions, would you be able to get the value from the kernel address and not just see the timing difference? But then we said, “No, if that would be possible, they would have discovered that long ago.” I mean, that would be so obvious to try. Now, we didn’t even give it a shot until in 2017.

    Anders tried it in July 2017. By then, Jann Horn from Google Project Zero had already discovered this, had already discovered that Meltdown actually works, but that was not public information at that point. So Anders was trying it and then he blogged about it later on and said, “Unfortunately it didn’t work.” Then I think I sent him a message on Twitter and said, “I told you, this doesn’t work. I’m not surprised.” Of course, I was wrong. We later on tried this ourselves in December

    “Okay maybe we should try that on our own first before we let a student do that.” A student already signed up for the project so we were a bit in a hurry. And then we tried it and were shocked that it works. We told the student, “Unfortunately the project is not available any more. You have to pick a different one.” And the student didn’t really know what was going on.

    DG: Yeah. The student later on approached us and said, “Ah, now I know why you told me it’s not available anymore.”

    LO: Exactly. Did you then reach out to Intel about that?

    DG: Yes. Yes. That was in December 2017 then. The embargo was already running for long time there. The disclosure of Meltdown was scheduled to be in I think it was 9th of January. And then it broke early on 3rd of January.

    DG: Right from the beginning, for Meltdown, we saw leakage that was not in the cache, data that was not in the cache. And if it’s not in the cache, then the question was where does the data come from? And Intel didn’t believe us that this is possible for a long time. Our collaborators back then in the project didn’t believe us that it was working. It took us quite some time to convince them. At some point, we had a POC that worked for our collaborators. Then they saw, okay, it doesn’t work good, but it works a bit.

    DG: For Meltdown, we already had a defense. That was the KAISER patch. In Linux, we proposed this under a name KAISER, which is an acronym for a longer sentence explaining that we want to eliminate the side channels. Also, the KAISER, the word in German, there is the emperor penguin is called the Kaiserpinguine. It’s the largest penguin, and we thought it’s super nice to use this for Linux which is the mass code of linux, of course.

    DG: They didn’t like it. They changed the name PTI. I don’t understand it.

    The solution they proposed back then was, A, either disable hyper-threading or don’t schedule mutually untrusted workloads on the same core, so on different hyper-threads of the same core. Second, if you switch from the hypervisor, so from a virtual machine host to the virtual machine guest, then you have flash the entire Level 1 cache. This is a lot of performance overhead, but it’s something that you can do.

    Microsoft optimized this a bit. They said, “Well, it’s enough if we track all the memory locations that we accessed while we were in the host and only flash results before we return to the guest, which is also valid assumption and it’s a bit faster, of course, than flashing the entire cache. So it makes sense. Then this problem was also solved… sorry, was also solved if you choose one of these ways to mitigate it.

    LO: I’m curious, taking a step back, obviously there was Spectre and Meltdown and then there was Foreshadow and a few other types of… these types of attacks that were discovered just in the past year. What is the future of this type of flaw?

  34. Tomi Engdahl says:

    Intel ZombieLoad Side-Channel Attack: 10 Takeaways

    MDS Different Than Meltdown and Spectre

    The flaws derive from a process called speculative execution in processors. This process –thrown into the spotlight after the 2018 Spectre and Meltdown flaws came to light – is used in microprocessors so that memory can read before the addresses of all prior memory writes are known.

    However, while speculative execution side channel attacks – like Spectre and Meltdown – targeted data stored in the CPU’s memory; MDS instead refers to issues related to microarchitectural structures of the Intel processors other than the level 1 data cache (where memory is stored). Those issues exists in components called buffers, such as Fill Buffers (temporary buffers between CPU caches), Load Ports (temporary buffers used when loading data into registers) or Store Buffers (temporary buffers to hold store addresses and data).

    Intel Seeking to Downplay Impact

    There are four vulnerabilities in total tied to MDS. Those are CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091. Intel sought to downplay the vulnerabilities, saying that: “MDS vulnerabilities have been classified as low to medium severity per the industry standard CVSS, and it’s important to note that there are no reports of any real world exploits of these vulnerabilities.”

    Indeed, CVE-2019-11091 has the lowest severity, with a CVSS score of 3.8, and exists in the microarchitectural data sampling structure for uncacheable memory in CPUs. CVE-2018-12126 (which exists in the Store Buffer), CVE-2018-12127 (which exists in the Load Port) and CVE-2018-12130 (existing in the Fill Buffer) meanwhile have a CVSS score or 6.5, or medium severity.

    ZombieLoad: The Hard-Hitting Attack

    The most severe of these attacks is dubbed ZombieLoad, which attacks CVE-2018-12130, the flaw in the Fill Buffer of Intel CPUs. That’s because this attack leaks the most data – attackers are able to siphon data from system applications, operating system and virtual machines. According to a research paper released on Tuesday, researchers said that disabling hyperthreading is the “only possible workaround to mitigate ZombieLoad on current processors.”

    “With ZombieLoad, we showed a novel Meltdown-type attack targeting the processor’s fill-buffer logic. ZombieLoad enables an attacker to leak recently loaded values used by the current or sibling logical CPU,” researchers said.

    Future Chips Won’t Be Vulnerable

    According to Intel’s microcode update guidance, most Intel Core and Xeon chips dating back to 2011 are theoretically vulnerable to MDS-related flaws.

    However, Intel said that the new MDS class of flaws is addressed in hardware starting with select 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable processor family. Future chips will also have integrated fixes, Intel said.

    Flood of Vendors Security Advisories

    While Intel has provided CPU microcode updates, and recommendations for mitigation strategies for operating system (and hypervisor) software, the company recommends users install the software updates provided by your operating system and/or hypervisor vendor. An array of vendors have released separate security advisories in response to MDS, including Red Hat, Oracle, Apple, Google and Microsoft.

    How can People Know if Their Systems are Impacted?

    Researchers said that it is “very likely” that Intel chip users’ systems are impacted by the MDS vulnerabilities and subsequent attacks.

    “Our attacks affect all modern Intel CPUs in servers, desktops and laptops,” said Fallout researchers in a post. “This includes the latest 9th-generation processors, despite their in-silicon mitigations for Meltdown. Ironically, 9th-generation CPUs are more vulnerable to some of our attacks compared to older generation hardware.”

    Researchers also made a tool, available here, to discover whether their systems are impacted.

    RIDL and Fallout: MDS attacks
    Attacks on the newly-disclosed “MDS” hardware vulnerabilities in Intel CPUs

  35. Tomi Engdahl says:

    Fending off Zombieload attacks will crush your performance

    To fully protect yourself from potential Zombieload attacks, vendors and early benchmarks show you’ll face performance losses of up to 40%.

    How bad is the Intel chip Zombieload security vulnerability? It depends on who you ask. But the potential is grave, with attackers being able to spy on your data. Yes, the fixes are in, but even with operating system patches’ new microcode, to fully protect your systems from potential Zombieload attackers, you must turn off Intel CPU hyper-threading.

  36. Tomi Engdahl says:

    Canonical, the company behind Ubuntu Linux, recommended disabling hyper-threads — if the system is used to execute untrusted or potentially malicious code. Of course, no one means to run such code, but if you’re on a cloud, you have no control over what your neighbor in the next virtual machine (VM) over is running. Red Hat agreed that Zombieload can be especially dangerous on clouds.

    As cloud-security company Twistlock CTO John Morello said, “This vulnerability is probably of greatest impact to dense, multi-tenant public cloud providers. In single-user environments, it’s far less interesting.”

    Source: https://www.zdnet.com/article/fending-off-zombieload-attacks-will-crush-your-performance/#ftag=RSSbaffb68

  37. Tomi Engdahl says:

    Linux vs. Zombieload

    Zombieload, another Intel processor side-channel attack, just like Meltdown and Spectre before it, poses a security threat for Linux systems.

    Zombieload sounds like a bad horror adult film, but it’s actually the latest class of Intel processors security vulnerabilities. Discovered by researchers, attackers can use Zombieload to steal data being used inside a CPU.
    Oh, boy.

    The researchers have shown a Zombieload exploit that can look over your virtual shoulder to see the websites you’re visiting in real-time. Their example showed someone spying on another someone using the privacy-protecting Tor Browser running inside a virtual machine (VM).

    Zombieload’s more formal name is “Microarchitectural Data Sampling (MDS).”

    Unlike the earlier Meltdown and Spectre problems, Intel was given time to ready itself for this problem. Intel has released microcode patches. These help clear the processor’s buffers, thus preventing data from being read.

    To defend yourself, your processor must be updated, your operating system must be patched, and for the most protection, Hyper-Threading disabled. When Meltdown and Spectre showed up, the Linux developers were left in the dark and scrambled to patch Linux. This time, they’ve been kept in the loop.

    Zombieload, the exploit, has three unique attack paths that could allow an attacker to execute a side-channel attack to bypass protections to read memory.

  38. Tomi Engdahl says:

    RIP Hyper-Threading! Massive Intel Issues!


    This should lead to lawsuit because this is basically a defected product. This basically means that these products cannot reach the performance shown on the data sheet on cpu/laptop…

    Buy i7, get i5 instead.

    Intel computers – “Hackers inside”

    They removed hyper threading on the 9700k, remember.

    Intel vulnerabilities, everyone needs to buy our next gen chips so they are not affected by our screw-up wait…fak, I own Intel

  39. Tomi Engdahl says:

    CVE-2019-11815: A Cautionary Tale About CVSS Scores

    Vulnerabilities in the Linux kernel are not uncommon. There are roughly 26 million lines of code, with 3,385,121 lines added and 2,512,040 lines removed in 2018 alone. The sheer complexity of that much code means that vulnerabilities are bound to exist. However, what is not at all common is the existence of unauthenticated remote code execution (RCE) vulnerabilities — a critical issue that every system administrator hopes to avoid.

    On May 8, 2019, the National Vulnerability Database (NVD) published details for a Linux kernel vulnerability, CVE-2019-11815, with a Common Vulnerability Scoring System (CVSS) 3.0 base score of 8.1. The details of the vulnerability include: having an attack vector of “network,” no privileges required, and administrative level code execution — i.e., the confidentiality, integrity, and availability (CIA) impact are all “high.” At first glance, this seems like a worst-case scenario. But assessing a vulnerability’s potential impact goes beyond the attack vector, privileges, and CIA impact of the CVSS base score.

    One component of the CVSS 3 base score is attack complexity, for which this vulnerability has a rating of “high” as well. This means that a successful attack is dependent on a very specific set of circumstances that is hard to achieve

    The description of the vulnerability from the NVD states that the issue was “discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8,” and that there is “a race condition leading to a use-after-free, related to net namespace cleanup.” This is an accurate and concise description of the vulnerability from a code perspective, but the lack of some critical information may lead to alarm given the mention of TCP, or Transmission Control Protocol.

    The first major component of this vulnerability is Reliable Datagram Sockets (RDS)

    Beyond Oracle’s documentation and a very short Wikipedia page, there is not much information about RDS or where it’s typically used. The obscurity of this protocol, combined with the existence of previous local privilege escalation vulnerabilities, has led most popular Linux distributions such as Ubuntu to blacklist kernel modules relating to RDS for many years. This immediately reduces the potential harm of such a vulnerability by a large margin.

  40. Tomi Engdahl says:

    From Nixcraft:

    List critical vulnerabilities in your CPU and Linux mitigation status using bash for loop (https://www.cyberciti.biz/faq/bash-for-loop/):

    for v in /sys/devices/system/cpu/vulnerabilities/*; do echo “${v} : $(cat ${v})”; done

    Or use grep command one liner (https://www.cyberciti.biz/faq/howto-use-grep-command-in-linux-unix/):
    grep . /sys/devices/system/cpu/vulnerabilities/*

  41. Tomi Engdahl says:

    Dan Goodin / Ars Technica:
    Researchers show with RAMBleed that it’s possible to use Rowhammer-style side-channel attacks to read protected memory, even with ECC enabled

    Researchers use Rowhammer bit flips to steal 2048-bit crypto key
    RAMBleed side-channel attack works even when DRAM is protected by error-correcting code.

    The Rowhammer exploit that lets unprivileged attackers corrupt or change data stored in vulnerable memory chips has evolved over the past four years to take on a range of malicious capabilities, including elevating system rights and breaking out of security sandboxes, rooting Android phones, and taking control of supposedly impregnable virtual machines. Now, researchers are unveiling a new attack that uses Rowhammer to extract cryptographic keys or other secrets stored in vulnerable DRAM modules.

    Like the previous Rowhammer-based attacks, the new data-pilfering RAMBleed technique exploits the ever-shrinking dimensions of DRAM chips

    A new side channel

    RAMBleed takes Rowhammer in a new direction. Rather than using bit flips to alter sensitive data, the new technique exploits the hardware bug to extract sensitive data stored in memory regions that are off-limits to attackers. The attacks require only that the exploit hammers memory locations the exploit code already has permission to access. What’s more, the data extraction can work even when DRAM protected by error correcting code detects and reverses a malicious bit flip.

  42. Tomi Engdahl says:

    SSH gets protection against side channel attacks

    Damien Miller (djm@) has just committed a new feature for SSH that should help protect against all the various memory side channel attacks that have surfaced recently.

    Add protection for private keys at rest in RAM against speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large “prekey” consisting of random data (currently 16KB).

  43. Tomi Engdahl says:

    New Windows hack warning: Patch Intel systems now to block SWAPGSAttack exploits

    Researchers detail hardware vulnerability that bypasses mitigations against Spectre and Meltdown CPU vulnerabilities on Windows systems – and impacts all systems using Intel processors manufactured since 2012.

    A newly uncovered vulnerability affecting every Windows computer using an Intel processor built since 2012 could allow attackers to bypass safeguards and access information held in a system’s protected kernel memory.

  44. Tomi Engdahl says:

    The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they’re typed over the network

    Cunning data-snooping side-channel technique is tough to exploit, Chipzilla warns


Leave a Comment

Your email address will not be published. Required fields are marked *