New Foreshadow Vulnerabilities Defeat Memory Defenses on Intel CPUs
Security researchers have uncovered a new way to exploit the speculative execution feature of Intel CPUs to bypass memory security barriers and leak protected information.
The vulnerability, known as Foreshadow or L1 Terminal Fault (L1TF), has three variants. The original variant was discovered by a team of researchers from KU Leuven University, Technion – Israel Institute of Technology, University of Michigan, University of Adelaide and Data61, and affects the Software Guard eXtensions (SGX) feature of Intel CPUs.
SGX is a trusted execution environment with hardware-enforced confidentiality and integrity guarantees. It is present in 6th generation (Skylake) and later Intel CPUs and is used by programs to set up secure enclaves where they can execute sensitive code or store secrets.
Like Spectre and Meltdown, Foreshadow abuses speculative execution, a performance-enhancing feature of modern CPUs. However, it allows attackers to read SGX-protected memory, which was not possible with Spectre.
The the new attack was reported to Intel in January, not long after Spectre and Meltdown were announced. Since then, the company’s security team has uncovered two other variants that affect additional microprocessors, operating systems and hypervisors. These are known as Foreshadow-NG (New Generation) or CVE-2018-3620 and CVE-2018-3646.
“Foreshadow-NG can be used for extracting any information residing in the L1 cache, including information belonging to the System Management Mode (SMM), the Operating System’s (OS) Kernel, or other Virtual Machines (VMs) running on third-party clouds,” researchers said on a website dedicated to the attack.
This means that user processes could potentially read memory protected by the OS kernel, guest operating systems that run inside virtual machines could read the memory of other guest VMs or of the hypervisor itself, or a malicious operating system could read memory protected by the SMM.
The original Foreshadow attack against SGX (CVE-2018-3615) is mitigated through CPU microcode updates that Intel has already released, while the Foreshadow-NG variants are mitigated for most users through operating system and hypervisor updates, some of which were released Aug. 14.
“There is a portion of the market – specifically a subset of those running traditional virtualization technology, and primarily in the data center – where it may be advisable that customers or partners take additional steps to protect their systems,” Leslie Culbertson, Intel’s executive vice president and general manager of Product Assurance and Security, said in a blog post. “This is principally to safeguard against situations where the IT administrator or cloud provider cannot guarantee that all virtualized operating systems have been updated.”
The actions that IT administrators must take in such a situation is to enable core scheduling in the hypervisor, if such a feature is available, or to disable the CPU’s hyper-threading function.
Hyper-threading allows hypervisors to use a single physical CPU core as multiple virtual CPUs for different virtual machines. This means those virtual CPUs will share the same L1 data cache, a small pool of memory designed to store information about what a physical processor core is likely to do next.
Intel has studied the performance impact of the Foreshadow mitigations on various desktop and data center tasks and has concluded that for most PC clients the impact will be non-existent or minimal. In environments where it cannot be guaranteed that all virtualized guest operating systems have been updated, some data center workloads might incur a more significant performance impact, especially on database operations such as postgreSQL.
These are the latest in a long string of architectural vulnerabilities in CPUs that have been found and disclosed since Spectre and Meltdown. Last week at the Black Hat USA security conference, researcher Ben Gras from VU Amsterdam presented the details of another CPU vulnerability called TLBleed that abuses hyper-threading and the translation lookaside buffer (TLB) to leak secrets such as encryption keys.
Pingback: Microsoft Pushes Microcode Updates for Foreshadow CPU Flaws - Security Boulevard