A new critical flaw affects Intel CPUs using Hyperthreading or SMT; AMD CPUs could also be affected




In recent months, several major vulnerabilities affecting the majority of processors available on the market have been discovered. They mainly affect processors from the American chipmaker Intel as well as some chips designed by ARM and IBM, but also, to a lesser extent, the CPUs produced by AMD. Some of them have been shown to have existed for almost 20 years.

The best known of these vulnerabilities are most likely Meltdown, Spectre, BranchScope, Foreshadow and TLBleed. These exploits would allow an attacker to steal various types of data (passwords, cryptographic keys) from a system without being detected or stopped by traditional security tools. Processors produced by Intel are almost always the most exposed to these exploits, or the only ones affected by them.

A new study conducted by researchers from the technology universities of Tampere and Havana (in Finland and Cuba respectively) has shown that Intel processors are subject to a new side-channel attack, dubbed PortSmash, which allows information to be leaked from processes running in parallel on the same physical core.

To be more precise, PortSmash lets an attacker run a malicious process alongside legitimate processes, using the parallel execution capabilities of the architecture, and leak data from the legitimate process running on the same core.

"We have recently discovered a new CPU microarchitecture attack vector," the researchers wrote.

This new critical hardware vulnerability exploits SMT (Simultaneous Multithreading), a multitasking-oriented technology that allows several computing threads to run in parallel on one CPU core. The technology commonly known as Hyperthreading, developed by Intel and found on many modern processors, is simply an implementation of SMT that enables two logical cores for each physical core available on a die. Hyperthreading lets two instances of the same program, or two different programs, run simultaneously, making better use of the processor's resources.

The researchers tested Intel chips of the Skylake and Kaby Lake generations. They suggested, however, that all processors whose architecture implements SMT are likely to be affected by PortSmash. They strongly suspect that AMD chips will also be affected by this new vulnerability.

Paul Kocher, the cryptographic security expert who discovered Spectre, pointed out that one of the key factors making PortSmash such a worrying discovery is how OpenSSL performs sensitive operations using branching instructions that depend on secret values.
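To illustrate the kind of secret-dependent branching described above, here is an added example (not OpenSSL code and not from the researchers) showing a toy modular exponentiation that branches on each secret bit, next to a version that always performs the same operations and selects the result with a mask. The function names and the 32-bit modulus are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy modulus (2^32 - 5); small enough that 64-bit
   products cannot overflow. Illustration only, not a real key size. */
#define MODULUS 4294967291u

static uint32_t mulmod(uint32_t a, uint32_t b) {
    return (uint32_t)(((uint64_t)a * b) % MODULUS);
}

/* BEFORE: the extra multiply runs only when the secret bit is 1, so
   which operations execute depends on the secret. A process sharing
   the physical core can observe that difference. */
uint32_t modexp_branchy(uint32_t base, uint32_t secret_exp) {
    uint32_t acc = 1;
    for (int i = 31; i >= 0; i--) {
        acc = mulmod(acc, acc);
        if ((secret_exp >> i) & 1u)
            acc = mulmod(acc, base);
    }
    return acc;
}

/* AFTER: the multiply always runs; a mask (all zeros or all ones)
   picks which value to keep, so control flow is the same for every
   exponent. Caveat: `%` and compiler optimisations are not guaranteed
   constant-time; production code should rely on a vetted library. */
uint32_t modexp_masked(uint32_t base, uint32_t secret_exp) {
    uint32_t acc = 1;
    for (int i = 31; i >= 0; i--) {
        acc = mulmod(acc, acc);
        uint32_t mul  = mulmod(acc, base);
        uint32_t mask = (uint32_t)0 - ((secret_exp >> i) & 1u);
        acc = (mul & mask) | (acc & ~mask);
    }
    return acc;
}

int main(void) {
    uint32_t exp = 0xDEADBEEFu; /* constructed sample "secret" */
    printf("branchy: %u\n", (unsigned)modexp_branchy(7, exp));
    printf("masked:  %u\n", (unsigned)modexp_masked(7, exp));
    return 0;
}
```

Both functions return the same result for every input; only the pattern of executed operations differs.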

As potential fixes, the research team suggested disabling SMT or Hyperthreading at the BIOS level and updating OpenSSL, ideally to OpenSSL 1.1.1.1 or to any other version higher than or equal to OpenSSL 1.1.0i.

This discovery is one of the first results of the SCARE (Side-Channel Aware Engineering) research program funded by the European Research Council, whose objective is to find and mitigate new side-channel attacks. PortSmash is the second major hardware vulnerability to target the Hyperthreading feature of Intel processors, after the TLBleed announcement last June.

The researchers recently published their discovery as CVE-2018-5407. Intel was informed of this vulnerability last month but has not yet reacted to this new attack or made any fixes available.

Source: WccfTech, OpenWall
