Processor Woes Continue: 7 New Meltdown and Spectre Bugs Arrive Weeks Before The Holidays
2018 has not been a good year for chip vendors, who have had no respite from the continued stream of hardware vulnerabilities discovered in their processors. Recently, another batch of 7 distinct Meltdown and Spectre vulnerabilities was publicly disclosed by security researchers. Intel, AMD, and ARM have to double-time once more to address these new variants, two Meltdown and 5 Spectre exploits. A threat actor taking advantage of these flaws can gain unauthorized access to user data.
The vulnerabilities in this batch include weaknesses discovered in x86 enhancements, while others involve weaknesses in how memory is accessed and protected. Leaving these flaws unpatched enables an attacker to gain access to the system by exploiting hardware-based loopholes, something that can only be fixed with a microcode update.
“The vulnerabilities documented in this paper can be fully addressed by applying existing mitigation techniques for Spectre and Meltdown, including those previously documented here, and elsewhere by other chipmakers. Protecting customers continues to be a critical priority for us and we are thankful to the teams at Graz University of Technology, imec-DistriNet, KU Leuven, & the College of William and Mary for their ongoing research,” said an Intel spokesperson when requested for comment.
“Meltdown-PK shows that PKU isolation can be bypassed if an attacker has code execution in the containing process, even if the attacker cannot execute the wrpkru instruction (e.g., due to blacklisting). Moreover, in contrast to cross-privilege level Meltdown attack variants, there is no software workaround. Intel can only fix Meltdown-PK in new hardware or possibly via a microcode update,” explained the researchers.
The proof-of-concept attacks were tested and fully working on Intel Skylake, Intel Haswell, AMD’s E2-2000 APU, Jetson TX1 SOC, and the 2017 Ryzen Threadripper processors. Mitigation patches from last time received a lot of flak from both individual users and various enterprises, as they make systems perform significantly slower than unpatched systems.
ARM has not shown any panic during the disclosure of the hardware bug, and it reiterated: “The recent Spectre and Meltdown vulnerabilities identified by academic researchers can be addressed by applying existing mitigations as described previously in Arm’s white paper.”
The rest of the security community is continuing to investigate the subject. Cody Brocious, a HackerOne security researcher, said: “As long as speculative execution is performed in processors, this type of bug will continue to be discovered. It’s impossible to perform operations without side-effects on a hardware level, and abstractions that pretend such operations are side-effect-free are always going to cause security issues.”
Daniel Gruss, from Graz University of Technology, which looked at the past Meltdown and Spectre exploits, has the following comment: “Remote attacks are very difficult to mount for now. The threat from transient-execution attacks did not change in any way with this publication. The main thing we tried to contribute to the community was a clear way to analyze and categorize new variants, a clear way to validate and analyze defense techniques. So, this is what changed: Now we can better assess what specific defense techniques offer.”