Intel is to patch two flaws in its chips, both of which could leak data including passwords.
The two flaws, CVE-2020-0548 and CVE-2020-0549, could allow information disclosure, Intel said in an advisory, saying it would release firmware updates.
The former, rated as low risk by Intel, takes advantage of cleanup errors in Intel chips that could allow an already authenticated user to nab key data. The latter and more serious of the vulnerabilities was detailed by a team of researchers over the weekend, who dubbed it CacheOut.
The attack is similar to previous major Intel flaws that also used microarchitectural data sampling (MDS), notably ZombieLoad, which the company has already tried to address with patches. "We show that despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data," the researchers say.
"Moreover, unlike previous MDS issues, we show in our work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available," they added. "Finally, we empirically demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves."
The researchers said the flaw impacts chips released up until the end of 2018. "For a select number of processors released after Q4 2018, Intel inadvertently managed to partially mitigate this issue while addressing a previous issue called TSX Asynchronous Abort (TAA)," the researchers noted. Intel added that the vulnerability doesn't impact virtual environments that have applied L1 Terminal Fault mitigations.
Intel is releasing microcode updates to users as part of its regular patching to address the flaw. "As part of our commitment to transparency, the advisory has been released before our planned mitigations can be made available and we expect to release mitigations through our normal Intel Platform Update (IPU) process in the near future," noted Jerry Bryant, director of communications for Intel product assurance and security, in a blog post.
The researchers said they hoped the solution would extend to the chips themselves in the longer term. "Software can mitigate these issues at the cost of features and/or performance," the researchers added. "We hope that somewhere in the future Intel will release processors with in-silicon fixes against this issue."
RELATED RESOURCE
How targeted simulations differ from penetration tests and vulnerability scanning
Stay one step ahead of cyber attackers
The researchers and Intel have both said they've yet to spot hackers using the flaw in the wild.
The team of researchers was made up of academics from Vrije Universiteit Amsterdam, the University of Adelaide, and the University of Michigan.
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
The complete guide to the NIST cybersecurity frameworkWhitepaper Find out how the NIST Cybersecurity framework is evolving
-
Are you prepared for the next attack? The state of application security in 2024Webinar Aligning to NIS2 cybersecurity risk-management obligations in the EU
-
The economics of penetration testing for web application securitywhitepaper Get the most value from your security solution
-
How to extend zero trust to your cloud workloadsWhitepaper Implement zero trust-based security across your entire ecosystem
-
Four requirements for a zero trust branchWhitepaper Effectively navigate the complex and ever-changing demands of security and network connectivity
