Announcements, Security - January 10, 2018

Severe security exploit renders all modern CPUs vulnerable

Yorgos Fountis


Well, we hate starting 2018 with this kind of update, but a series of security vulnerabilities called Spectre and Meltdown made the news recently. These vulnerabilities are serious and unreal enough to be straight out of a Mr Robot episode. They can be exploited in almost all modern CPUs and are independent of the operating system. And as if this doesn’t sound scary enough, they were present in Intel architectures for many years without anyone knowing anything.

Both vulnerabilities exploit modern CPU optimisation techniques such as out-of-order execution and branch prediction. The result is that attackers are able to read arbitrary memory locations, even inside other processes or VMs, or execute arbitrary code in memory. Branch prediction is a CPU technique that predicts which way an “if-then-else” statement will go before the condition has been evaluated, offering significant performance gains. By using Spectre, however, one can trick the CPU into mispredicting, branching to an arbitrary memory location and executing arbitrary code.

Out-of-order execution is another technique: instead of waiting for some data to be ready before it executes the next command, the processor executes the instructions whose data is already available and re-orders the results accordingly afterwards. Because a certain CPU cache is changed every time the CPU does out-of-order lookups, researchers have found a way to exploit this. By capturing side-channel information (such as these changes in the cache) and transmitting it to the outside world via a covert channel (see the Flush+Reload section in (1)), an attacker on the receiving end can use this information to reconstruct the register value. This can effectively be used to dump the entire kernel memory.

The impact is frighteningly wide, affecting multiple devices such as PCs, laptops, tablets and even smartphones. According to Paul Kocher et al. (1):

We have empirically verified the vulnerability of several Intel processors to Spectre attacks, including Ivy Bridge, Haswell and Skylake based processors. We have also verified the attack’s applicability to AMD Ryzen CPUs. Finally, we have also successfully mounted Spectre attacks on several Samsung and Qualcomm processors (which use an ARM architecture) found in popular mobile phones.

Hair-raising stuff really. 

Our upstream provider is planning on deploying Meltdown and Spectre mitigations for its entire fleet starting next week. We’re closely monitoring the matter, and we’ll keep you posted. 
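
To see whether a Linux machine you manage has already picked up the mitigations, you can read the kernel's own status report. The script below is an added example, not part of the original post; it assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities` (mainline 4.15 and later, plus distribution backports), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: summarise the kernel's Meltdown/Spectre status report.
# Assumption: Linux with /sys/devices/system/cpu/vulnerabilities available.

VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status LINE: map one sysfs status line to a verdict.
classify_status() {
    case "$1" in
        "Not affected"*) echo OK ;;
        "Mitigation:"*)  echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# check_cpu_vulns [DIR]: print one line per issue.
# Returns 0 if every entry is OK or MITIGATED, 1 if any entry is
# VULNERABLE or UNKNOWN, 2 if the kernel does not report at all.
check_cpu_vulns() {
    dir=${1:-$VULN_DIR_DEFAULT}
    if [ ! -d "$dir" ]; then
        echo "no status directory at $dir (kernel predates the report)" >&2
        return 2
    fi
    bad=0
    for name in meltdown spectre_v1 spectre_v2; do
        f="$dir/$name"
        if [ -r "$f" ]; then
            line=$(head -n 1 "$f")
        else
            # A missing file means this kernel cannot tell us; treat as unknown.
            line="(not reported by this kernel)"
        fi
        verdict=$(classify_status "$line")
        printf '%-12s %-10s %s\n' "$name" "$verdict" "$line"
        case "$verdict" in VULNERABLE|UNKNOWN) bad=1 ;; esac
    done
    return "$bad"
}

# Check the live host only when invoked with --run, so the file can be sourced.
if [ "${1:-}" = "--run" ]; then check_cpu_vulns; fi
```

A non-zero exit status makes the script usable in a monitoring job: 1 means at least one issue is unmitigated or unreported, 2 means the kernel is too old to say.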

(1) Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, Yuval Yarom. “Spectre Attacks: Exploiting Speculative Execution”. Independent, University of Pennsylvania, University of Maryland, Graz University of Technology, Cyberus Technology, Rambus, Cryptography Research Division, University of Adelaide and Data61.