‘Kernel memory leaking’ Intel processor design flaw

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

A fundamental design flaw in Intel’s processor chips related to virtual memory system (Intel x86-64 hardware) allows normal user programs (even JavaScript in web browsers) to discern to some extent the layout or contents of protected kernel memory areas.

It is understood the bug is present in modern Intel processors produced in the past decade. It appears a microcode update can’t address it, so it has to be fixed in software at the OS level. This has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug, which is expected to cause 5 to 30 per cent slow down of your computer on next update!

Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday. Patches for the Linux kernel are available. Apple’s 64-bit macOS, will also need to be updated.

This is bad news for Intel. Last year they had AMT vulnerability remote exploit and now this new blow in Intel security. I don’t think that computer buyers like that their computers become slower! 

Details of the vulnerability within Intel’s silicon are under wraps and are expected to be released later this month – so follow the comments for updates.

455 Comments

  1. Tomi Engdahl says:

    Zombieload v2 is the codename of a vulnerability that allows malware or a malicious threat actor to extract information processed inside a CPU, information to which they normally shouldn’t be able to access due to the security walls present inside modern-day CPUs

    Windows & Linux get options to disable Intel TSX to prevent Zombieload v2 attacks
    https://www.zdnet.com/article/windows-linux-get-options-to-disable-intel-tsx-to-prevent-zombieload-v2-attacks/

    Disclosure of new Zombieload v2 vulnerability prompts OS makers to react with ways to disable Intel’s TSX technology.

    Both Microsoft and the Linux kernel teams have added ways to disable support for Intel Transactional Synchronization Extensions (TSX).

    TSX is the Intel technology that opens the company’s CPUs to attacks via the Zombieload v2 vulnerability.

    https://www.zdnet.com/article/intels-cascade-lake-cpus-impacted-by-new-zombieload-v2-attack/

    Reply
  2. Tomi Engdahl says:

    Intel Patches Plundervolt, High Severity Issues in Platform Update
    https://www.bleepingcomputer.com/news/security/intel-patches-plundervolt-high-severity-issues-in-

    platform-update/
    Intel addressed 14 security vulnerabilities during the December 2019
    Patch Tuesday, with seven of them being high and medium severity
    security flaws impacting multiple platforms including Windows and
    Linux. The security issues patched today were detailed in the 9
    security advisories published by Intel on its Product Security Center,
    with the company having delivered them to customers through the Intel
    Platform Update (IPU) process. The vulnerabilities disclosed today
    could allow authenticated or privileged users to potentially enable
    information disclosure, trigger denial of service states, escalate
    privileges, or execute malicious code at an elevated level of
    privilege via local access. Each advisory comes with a detailed list
    of all affected products as well as recommendations for vulnerable
    products, and also include contact details for users and researchers
    who would want to report other vulnerabilities found in Intel branded
    tech or products.
    Hackers Can Mess With Voltages to Steal Intel Chips’ Secrets
    https://www.wired.com/story/plundervolt-intel-chips-sgx-hack/
    A new attack called Plundervolt gives attackers access to the
    sensitive data stored in a processor’s secure enclave. When thieves
    want to steal treasures surrounded by sensors and alarms, they
    sometimes resort to cutting the power, disrupting the flow of
    electricity to those expensive security systems. It turns out that
    hackers can pull off a similar trick: breaking the security mechanisms
    of Intel chips by messing with their power supply, and exposing their
    most sensitive secrets.
    But by momentarily undervolting a
    processor by 25 or 30 percent, and precisely timing that voltage
    change, an attacker can cause the chip to make errors in the midst of
    computations that use secret data. And those errors can reveal
    information as sensitive as a cryptographic key or biometric data
    stored in the SGX enclave. “Writing to memory takes power, ” says
    Flavio Garcia, a computer scientist at the University of Birmingham
    who, along with his colleagues, will present the Plundervolt research
    at IEEE Security and Privacy next year. “So for an instant, you reduce
    the CPU voltage to induce a computation fault.”. Read also:
    https://www.theregister.co.uk/2019/12/10/intel_sgx_youve_been_plunderstruck/

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*