Basic search

K
myhack58佚名MYHACK58:62201994150
HistoryMay 15, 2019 - 12:00 a.m.

Zombieload: Intel CPU exposure of a new side channel attack-exploit warning-the black bar safety net

2019-05-1500:00:00
佚名
www.myhack58.com
85

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

23.9%

! [](/Article/UploadPic/2019-5/2019515185455532. png)

Security personnel recently discovered for Intel processor of the new side channel attack, which is also following the earlier Meltdown, the Spectre and Foreshadow after a fairly serious security problems. This vulnerability may allow an attacker to obtain the current processor is processing the data.

For the speculative execution of the new attack mode
With three previous side-channel attacks in a similar way, the new attack is the use of the processor’s speculative execution problems in the process.
This vulnerability whereby the former involved in the Meltdown, the Spectre of vulnerability research on the part of the security personnel, as well as Bitdefender security personnel of the joint discovery, which is actually for the micro-architecture of the data sampling(MDS)attack, you can use the micro-architecture of the speculative execution of the operation to infer other applications on the processor in the data processing.
Currently such(MDS)attack has four kinds, respectively is directed to the storage buffer area of the attack CVE-2018-12126/Fallout, the loading buffer CVE-2018-12127, and a line fill buffer CVE-2018-12130/Zombieload/RIDL, and the memory area CVE-2019-11091 it. Wherein Zombieload is severity the highest, to be able to get the maximum amount of data.

The scope of the impact
Recently published research papers mentioned, since 2011 the release of all Intel processors is likely to be affected, especially the cloud hosting services may be subject to larger shocks. There are already part of the security personnel posted some demo videos, here you can watch(1、2、3)。 The demo showed Zombieload attack can achieve a breakthrough between applications of the privacy protection function to obtain sensitive information.

Bug fixes
Currently Intel has released a microcode update, and the new processor will not be affected. Expect Microsoft, Apple and Linux each release will also soon launch a system update to mitigate this vulnerability.
At the same time Intel also noted that the MDS attacks actually use the higher difficulty, its practical impact is not so large.
The current security personnel have been Zombieload establish a website and publish the research papers, bug fixes navigation and other content, the user can timely update: https://zombieloadattack.com/ the.

5.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.001 Low

EPSS

Percentile

23.9%

Related for MYHACK58:62201994150