As expected, researchers keep finding vulnerabilities in chips that allow for speculative execution attacks. The latest flaws affect modern Intel processors, and the variant that grabbed the headlines targets Intel's Software Guard Extensions (SGX).
Intel SGX lets an application place code and data inside an enclave, a region of memory whose contents the processor is supposed to protect from inspection or modification by anything outside it, including the operating system and the hypervisor. SGX was originally believed to be resilient to Meltdown-style speculative execution attacks. The researchers found that the new flaw can be used to read enclave memory and, in particular, to extract the attestation keys that an enclave uses to prove to a remote party that it is a genuine enclave running on genuine Intel hardware. With those keys an attacker can forge attestation reports, tricking a remote party into trusting attacker-controlled code as though it were running inside a secure enclave.
“Making things worse, due to SGX’s privacy features, an attestation report cannot be linked to the identity of its signer. Thus, it only takes a single compromised SGX machine to erode trust in the entire SGX ecosystem,” the researchers wrote on a website disclosing the flaw.
What is Foreshadow?
The group of vulnerabilities is known as L1TF, or L1 Terminal Fault, and also as Foreshadow. The researchers who reported the flaws to Intel named them Foreshadow; Intel's designation, L1 Terminal Fault, describes the mechanism more accurately. A terminal fault occurs when an address translation hits a page-table entry that is marked not-present. Before the fault is delivered, an affected core keeps executing speculatively and forwards whatever the L1 data cache holds at the physical address still encoded in that entry. The L1 data cache is a small, fast memory private to each processor core, so an attacker running on a core can read any data recently cached there, including protected information belonging to System Management Mode (SMM) and to the operating system's kernel.
The same mechanism could be turned against virtual machines: a malicious guest could read memory belonging to the hypervisor or to another guest VM on the same cloud host, because a guest controls its own page tables and can plant a not-present entry that names any physical address it chooses. For such an attack to succeed, attacker and victim must run on the same physical core, either concurrently on sibling hyperthreads or one after the other while the victim's data is still in that core's L1 data cache.
Like Spectre and Meltdown, Foreshadow is the result of chip design decisions that trade isolation for speed: the processor forwards data speculatively before the permission check that should block the access has completed, inadvertently exposing data across privilege boundaries. Technically it is closer to Meltdown than to Spectre, since it exploits a fault rather than mistrained branch prediction. And like Spectre and Meltdown, the name refers to a group of vulnerabilities: the original SGX attack (CVE-2018-3615), plus two closely related variants that Intel's follow-up analysis uncovered, affecting operating systems and SMM (CVE-2018-3620) and virtualization (CVE-2018-3646).
A team from the Belgian university KU Leuven, and a team of researchers from Technion in Israel, the University of Michigan, the University of Adelaide and CSIRO's Data61 in Australia, discovered the vulnerabilities independently.
Intel said no real-world exploitation has been reported. For the moment, an attacker needs to be able to run code on the targeted system (or as a guest on the targeted host) before any of the attacks can be used; none of them is exploitable remotely on its own.
Which Chips are Affected?
The flaws are Intel-specific. Affected parts include the Intel Core i3/i5/i7/M processors (45nm and 32nm); 2nd through 8th generation Intel Core processors; the Intel Core X-series processor family for the Intel X99 and X299 platforms; Intel Xeon processor 3400/3600/5500/5600/6500/7500 series; Intel Xeon processor E3 v1 through v6 family; Intel Xeon processor E5 v1 through v4 family; Intel Xeon processor E7 v1 through v4 family; the Intel Xeon Processor Scalable family; and Intel Xeon processor D (1500, 2100). The SGX variant affects every SGX-capable Core processor, that is, Skylake and Kaby Lake parts.
Intel's Atom family processors with SGX support are not affected, and neither are chips from AMD.
What IT Needs to Do
Most Linux users and system administrators who applied the Spectre and Meltdown patches already have part of the groundwork in place. However, L1TF needs its own operating system and virtualization updates: the kernel must change how it encodes not-present page-table entries so that they no longer point at real memory, and a hypervisor must flush the L1 data cache when it switches into a guest. A further mitigation is to disable Hyper-Threading, which closes the remaining window between sibling threads sharing a core but significantly reduces the chip's performance. Red Hat said this step would most likely be necessary only in enterprises running untrusted guest virtual machines.
Because two of the issues specifically affect virtualization, VMware published one advisory for VMware vSphere, Workstation and Fusion, and another for vCloud Usage Meter (UM), Identity Manager (vIDM), vCenter Server (vCSA), vSphere Data Protection (VDP), vSphere Integrated Containers (VIC) and vRealize Automation (vRA). Patches are available for the former advisory and pending for the latter; workarounds for the virtual appliances are available in the meantime. All systems running any version of Xen are impacted, and applying the latest Xen updates prevents guest systems from leaking data to other guests.
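The paragraph above says which mitigations exist but not how to tell whether a given Linux host has them. The kernel reports its L1TF state in one line under /sys/devices/system/cpu/vulnerabilities/l1tf, and the script below, an added example that is not part of the original article or of any vendor's tooling, turns that line into a verdict. The phrases it matches ("Not affected", "Mitigation: PTE Inversion", "VMX:", "SMT vulnerable"/"SMT disabled", "EPT disabled") are taken from the kernel's Documentation/admin-guide/hw-vuln/l1tf.rst; the verdict names and the yes/no untrusted-guest flag are this script's own conventions.

```shell
#!/bin/sh
# Added example, not part of the original article or of any vendor's tooling:
# classify a Linux host's L1TF (Foreshadow) posture from the one-line status
# the kernel publishes in sysfs. The phrases matched below come from the
# kernel's Documentation/admin-guide/hw-vuln/l1tf.rst; they are matched as
# substrings because the documented and the actually printed strings differ
# slightly in word order. Verdict names and the yes/no untrusted-guest flag
# are this script's own conventions.

L1TF_SYSFS=/sys/devices/system/cpu/vulnerabilities/l1tf
SMT_SYSFS=/sys/devices/system/cpu/smt/control

# l1tf_verdict STATUS UNTRUSTED_GUESTS
#   STATUS            contents of $L1TF_SYSFS
#   UNTRUSTED_GUESTS  yes if this host runs guests you do not trust, else no
# Prints one verdict word; returns 0 if no further action is needed, 1 if it is.
l1tf_verdict() {
    status=$1
    untrusted=${2:-no}

    case $status in
        "Not affected")
            echo not-affected; return 0 ;;
        Vulnerable*)
            # Kernel predates the fix, or was booted with l1tf=off.
            echo os-unmitigated; return 1 ;;
        "Mitigation: PTE Inversion"*)
            ;;  # CVE-2018-3620 is closed; the VMM side (CVE-2018-3646) is next
        *)
            echo unrecognised; return 1 ;;
    esac

    case $status in
        *"VMX:"*) ;;
        *)  # Kernel built without KVM: there are no guests to protect.
            echo host-ok; return 0 ;;
    esac

    case $status in
        *"EPT disabled"*)
            # Without EPT the CPU never walks page tables the guest supplied.
            echo guests-ok; return 0 ;;
        *"VMX: vulnerable"*|*"L1D vulnerable"*)
            # vmentry_l1d_flush=never: guest data stays in L1D across VM exits.
            echo l1d-flush-missing; return 1 ;;
    esac

    case $status in
        *"SMT disabled"*)
            echo guests-ok; return 0 ;;
        *"SMT vulnerable"*)
            # L1D is flushed on VM entry, but a sibling hyperthread running
            # concurrently can still observe the guest's cache lines.
            if [ "$untrusted" = yes ]; then
                echo smt-exposes-guests; return 1
            fi
            echo guests-ok-if-trusted; return 0 ;;
    esac

    echo unrecognised; return 1
}

# l1tf_check_host UNTRUSTED_GUESTS: read the live sysfs state and evaluate it.
l1tf_check_host() {
    if [ ! -r "$L1TF_SYSFS" ]; then
        echo "no L1TF entry in sysfs (not Linux, or kernel predates the fix)"
        return 2
    fi
    status=$(cat "$L1TF_SYSFS")
    echo "kernel reports: $status"
    if [ -r "$SMT_SYSFS" ]; then
        echo "smt/control:    $(cat "$SMT_SYSFS")"
    fi
    l1tf_verdict "$status" "${1:-no}"
}

# Remedies for the non-zero verdicts (all documented in l1tf.rst):
#   smt-exposes-guests  -> echo off > /sys/devices/system/cpu/smt/control
#                          (persist with the l1tf=flush,nosmt boot parameter)
#   l1d-flush-missing   -> boot with l1tf=flush (or l1tf=full), or set
#                          kvm-intel.vmentry_l1d_flush=cond
#   os-unmitigated      -> update the kernel and microcode

if [ "${1:-}" = "--check" ]; then
    l1tf_check_host "${2:-no}"
fi
```

Run it as `sh l1tf-check.sh --check yes` on a virtualization host that carries untrusted guests, or `--check no` on a single-tenant machine. The split between the two calls is the point Red Hat makes above: with the L1D flush in place, the only remaining exposure is between sibling hyperthreads, so "SMT vulnerable" is a finding worth the performance cost of disabling Hyper-Threading on a multi-tenant host but not necessarily on a laptop.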
“New microcode, and possibly a new firmware image is required to prevent SMM data from being leaked with this vulnerability,” Xen said.
Oracle also identified which of its products are impacted and provided mitigation instructions for Oracle Linux 7, Oracle Linux 6 and Oracle VM Server for x86. Oracle Linux customers can use Oracle Ksplice to apply these updates without rebooting their systems. The company said it is working on "necessary mitigations" to protect customers across "all Oracle Cloud offerings."
Linux distributions Red Hat, SUSE, Debian, Gentoo, and Ubuntu have published advisories and are working on pushing out updates.
Cisco said that while its products are not directly affected, its networking appliances could still be targeted if the hosting environment is vulnerable.
“Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as the operating system or hypervisor, is patched against the vulnerabilities in question,” the company said.
Intel said it has not seen any significant performance impact from the default mitigations, either on PCs or on data center workloads. That assessment covers the microcode and software updates; disabling Hyper-Threading, as discussed above, carries a significant cost of its own.
The Foreshadow vulnerabilities affect modern Intel processors and could allow sensitive data to be stolen from memory. The biggest risk, however, is to data handled by cloud platforms, since a malicious virtual machine could in principle read data belonging to the hypervisor or to other VMs sharing the host machine.
Listen to Cloud Providers
The biggest impact, much like Spectre and Meltdown, will be felt by large platform providers such as Amazon, Google, and Microsoft as they have to secure the infrastructure so that individual systems don't leak data to other systems on the platform. Here is a rundown from the biggest vendors:
Microsoft has released several updates that mitigate Foreshadow on individual systems as well as on Microsoft Azure. Windows Server administrators still have to safeguard their own virtual environments. Microsoft mitigated L1TF for Hyper-V on Azure with HyperClear, which is also available for Windows Server 2016 and later and has, according to Microsoft, a "relatively negligible performance impact."
Google has also updated its infrastructure as well as Google Cloud Platform. Users should still update guest operating systems to reduce risks, and users of Google Cloud Platform services, such as Google App Engine Flexible Environments and Google Cloud Composer, should follow the outlined mitigation steps.
Amazon Web Services notified customers that the infrastructure is protected from these types of attacks, and that additional security mechanisms for L1TF have been deployed. An updated kernel is available for Amazon Linux, ALAS-2018-1058, and customers should use the stronger security and isolation properties of EC2 instances to separate untrusted workloads.
“All EC2 host infrastructure has been updated with these new protections, and no customer action is required at the infrastructure level,” AWS said.