Thursday, April 9, 2020

A new type of attack

    Speculative execution attacks seem to come out every month at this point. We’ve previously written about ones like Spectre and Meltdown, which allow an attacker to read portions of memory they should not have access to. A new speculative execution attack has recently been unveiled which focuses on Intel processors and operates with slight differences from previous attack methods. The attack was first discovered on April 4th, 2019 by Jo Van Bulck and has been under a press embargo with Intel until very recently. The attack was also independently discovered by researchers from Bitdefender in February of 2020.

    The new attack goes by the name Load Value Injection, which is a descriptor for a new class of attacks on modern Intel processors. The attack focuses on exfil- trating data from the Intel SGX, which is a vault built into Intel processors designed to store secrets, even if the host operating system is compromised. This new attack class can bypass the mitigations released for all previously known
speculative execution attacks. In addition to bypassing previous mitigations, the researchers say creating mitigations for this attack is much more difficult. They also claim a potential performance impact making SGX computations 19 times slower after mitigations are applied on a system.

     This new attack works in an opposite fashion compared to previous attacks like Spectre and Meltdown. “We smuggle — 'inject' — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords”, according to the researchers. This is in contrast to previous attacks where the victim’s information was leaked directly to the attacker via arbitrary memory reads. While the researchers haven’t found a way to leverage this new attack across virtual machine domains, they believe it is theoretically possible.

    To mitigate this new attack class, Intel is performing hardware fixes in the sili- con of future CPUs. This should reduce the performance penalty resulting from the software fixes currently being rolled out. For current CPUs that require miti- gation, Intel is releasing an update to its SGX SDK for developers. This update includes multiple fixes such as blacklisting certain processor instructions and explicit speculative execution barriers. According to Intel, depending on your specific workload and threat model, it may be advantageous to forego the patches until the issues are fixes in silicon due to the performance penalties.