Security flaw in Intel, AMD processors affect billions of computers worldwide

After the vulnerability disclosure, Intel has issued guidance suggesting software developers to write code in a way that is not vulnerable to side-channel attacks.

May 10, 2021 05:31 pm | Updated 05:31 pm IST

Security flaw in Intel, AMD processors affect billions of computers worldwide.

Security flaw in Intel, AMD processors affect billions of computers worldwide.

(Subscribe to our Today's Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)

In 2018, researchers found a hardware flaw that impacted processors and devices worldwide, including CPU architectures from Intel and AMD.

Named Spectre, the flaw was built into modern computer processors that get their speed from speculative execution. This technique helps processor predict instructions it might end up executing and prepares by following the predicted path to pull the instructions from memory.

The attack tricked the processor into executing instructions along the wrong path. By the time the processor recovered and completed its task as instructed, hackers could access confidential data.

After Spectre was revealed, computer scientists worked on patches and defences and believed they were able to protect devices without slowing down the speed too much.

However, computer science researchers from University of Virginia (UVA) have found new variants of the Spectre that breaks all current defences, putting billions of computers across the globe at risk.

The UVA team collaborated with University of California, San Diego and detailed their findings in a paper titled, “I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches”.

Ashish Venkat, who led the team, told The Hindu that security vulnerability is a result of the side effects of a major performance feature in modern Intel and AMD processors called micro-op cache.

Also Read : Google discovers security flaws in Apple Safari browser

Micro-op cache speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process.

It affects all computers that contain Intel processors manufactured since 2011, and the attacks, similar to Spectre attacks of 2018, affects secure code.

The discovery reveals that hackers can steal data when a processor fetches commands from the micro-op cache.

Since all current Spectre defenses protect the processor in a later stage of speculative execution, they are useless in protecting from new attacks. Two variants of the attacks the team discovered can steal speculatively accessed information from Intel and AMD processors.

“This vulnerability is also much harder to fix because the micro-op cache is such an integral performance feature that sits at the front of the pipeline,” Venkat said.

“Any slowdown at the front of the pipeline is going to impact everything else downstream.”

Venkat and his team have shared their work with Intel and AMD. After the vulnerability disclosure, Intel has issued guidance suggesting software developers to write code in a way that is not vulnerable to side-channel attacks.

"Developers who wish to protect secret data against timing side channel methods should ensure that their code runtime, data access patterns, and code access patterns are identical independent of secret values," Intel said.

Venkat noted that it is important for hardware vendors to invest in securing existing hardware through potential microcode patches and in the long run, through hardware designed with a security focus.

“The risks here are that the vulnerability we’ve discovered has made Spectre attacks stealthier and more powerful, and Spectre attacks already had the ability to break secure code – so all software that was previously considered impervious to attack is now vulnerable,” he said.

Also Read : Cyber agency cautions users against certain weaknesses detected in WhatsApp

The team has, in its paper, outlined several potential mitigations, including flushing the micro-op cache at protection domain crossings, but these could come at a high performance cost.

“It is really unclear how to solve this problem in a way that offers high performance to legacy hardware, but we have to make it work,” Venkat said. “Securing the micro-op cache is an interesting line of research and one that we are considering.”

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.