Intel has spent a year working with partners like Microsoft to mitigate a new vulnerability in its CPUs that can’t be fixed at the hardware level, according to the security team at Bitdefender that identified the issue.
The vulnerability, which would let a determined attacker access kernel memory from a user mode process, affects CPUs from Intel Ivy Bridge (introduced 2012) right up to the latest processor series on the market.
The new side-channel attack builds on previous research which led to the Spectre and Meltdown attacks, but bypasses all known mitigation mechanisms implemented in the wake of the high-profile vulnerabilities.
See also: EXCLUSIVE: GCHQ, NSA Still Using Punched Paper Tape for Crypto Key Production
With hardware mitigation impossible, the chipmaker has pushed the issue upstream, working with Microsoft to build security into Windows.
Microsoft “silently” pushed out a patch to resolve the issue on July 9, without identifying the CPU maker. It acknowledged that fix in a security update (CVE-2019-1125) published today that described it as “a variant of the Spectre Variant 1 speculative execution side channel vulnerability”
Patches are available for a wide range of desktop Windows iterations (7, 8.1, 10), as well as Windows Servers 2008, 2012, 2016, Microsoft said.
Bitdefender noted that, while not exhaustive, its research indicates that other x86 processors are not affected, nor are Linux machines.
New Intel CPU Vulnerability: How Does it Work?
The issue involves a functionality in Intel CPUs that is used to increase performance, by executing instructions before knowing if they are required or not: something known as speculative execution.
The attack involves speculative execution of instructions within the OS kernel that breaks the memory isolation provided by the CPU, allowing an unprivileged attacker to access privileged, kernel memory.
Unlike earlier Spectre and Meltdown exploits, it relies on the SWAPGS instruction. (As Bitdefender puts it: “Think of it as a bridge that sometimes goes into the kernel space and sometimes goes into the user space”).
In shared resource environments (like those in many cloud configurations), the new vulnerability could allow one virtual machine (VM) to access information from another. On standalone systems, an attacker would need prior access to the system or an ability to run code on the system remotely to exploit the vulnerability, the Romanian security firm said.
Dangerous, But Tough to Exploit…
The new Intel CPU vulnerability would be highly complicated to exploit, Bitdefender’s director of threat research, Bogdan Botezatu, told Computer Business Review, saying his team had found it “poking about” in CPUs.
In a call today, he said: “It’s a type of attack that’s unfeasible in consumer-grade malware. There are other attacks that are much more effective.
“But even if it’s difficult to mount – you need to spend several hours sampling information and recomposing it in a meaningful manner – it is exactly the kind of attack that a threat attacker would use against a high-profile target. It is very effective and more importantly, doesn’t leave any trace.”
Intel: “We Believe Strongly in the Value of Coordinated Disclosure… Encourage Everyone to Keep Systems Up to Date”
An Intel spokesperson said: “On August 6th, researchers from BitDefender published a paper entitled ‘Security Implications of Speculatively Executing Segmentation Related Instructions on Intel CPUs‘.
“As stated in their paper, Intel expects that exploits described by the researchers are addressed through use of existing mitigation techniques. We believe strongly in the value of coordinated disclosure and value our partnership with the research community. As a best practice, we continue to encourage everyone to keep their systems up-to-date.”
(Bitdefender reiterated that Intel’s reference to “existing mitigation techniques did not refer to Spectre or Meltdown mitigations, saying: “The SWAPGS vulnerability has been mitigated by Microsoft’s patch released as part of the CVE-2019-1125. Previous mitigations for Spectre and Meltdown did not address this issue. This fix did not exist before July.”)
Yuriy Bulygin, the CEO of firmware and hardware security specialist Eclypsium, told Computer Business Review: “This appears to be a new exploit which takes advantage of the speculative execution vulnerability but using a SWAPGS instruction executed speculatively with OS kernel privileges.
“Speculatively executed SWAPGS changes kernel-mode GS back to user-mode GS causing following instructions that normally would access kernel memory to be executed speculatively in ring0 but with a user-provided GS base.
“A mitigation appears to be instrumenting OS code/gadgets (eg. SYSRET/SYSCALL and interrupt handlers) with SWAPGS instruction such that it cannot be executed speculatively, which is similar to Spectre v1 mitigation.”
He added: “This is a new space of vulnerabilities and researchers will be finding more for quite some time. Hardware-related vulnerabilities are being found not only in CPUs but also in every major component of computer systems including BMC, SSD, and DRAM. Determining which systems are affected and which mitigations are applicable, deploying these mitigations, and monitoring for exploitation requires industry-wide coordination. It’s encouraging to see Intel and OS vendors working with the security research community and security solution providers to develop mitigations and detection capabilities as new vulnerabilities are discovered.”
“A Primitive Instruction”
An update from Red Hat today offered further technical details, noting: “The SWAPGS instruction is a primitive instruction and does not validate the correctness of the values it uses. There are cases where the system may enter kernel code but may not require the swap or may re-enter kernel mode when already running in kernel mode… As a result, it is possible that these conditional branches in the Linux kernel entry code may mis-speculate into code that will not perform the SWAPGS, resulting in a window of speculative execution during which the wrong GS is used for dependent memory operations. A typical Spectre-style side-channel analysis may be performed on the timing results by a suitably skilled attacker.”
It noted: “While Red Hat’s Linux Containers are not directly impacted by third-party hardware vulnerabilities, their security relies upon the integrity of the host kernel environment. Red Hat recommends that you use the most recent versions of your container images.”
Bitdefender took the opportunity to highlight the powers of its “Hypervisor Introspection”; a tool that analyses the memory of guest VMs. It could stop the attack by removing the conditions required for it to succeed on unpatched Windows systems, it said, adding that Hypervisor Introspection is supported as a technology preview by Citrix Hypervisor, Xen, and KVM.
Updated August 7, 8:33 BST: Intel’s US PR agency told Computer Business Review in an email that this is “not an Intel-specific issue. We would appreciate if you could update your article to note that this is an industry-wide issue that affects both Intel and AMD.”
AMD rejects that claim, saying “based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products are designed not to speculate on the new GS value following a speculative SWAPGS. For the attack that is not a SWAPGS variant, the mitigation is to implement our existing recommendations for Spectre variant 1.” (i.e. no new mitigations have been required.)