Sunday, January 24, 00:42
Home security Intel's CPUs are vulnerable to the new 'Snoop' attack

Intel's CPUs are vulnerable to the new 'Snoop' attack

Intel processors are vulnerable to a new attack that may leak data from the CPU's internal memory - also known as cache.

The attack, described as "Snoop-Assisted L1 Data Sampling", or simply Snoop (CVE-2020-0550), was discovered by Pawel Wieczorkiewicz, software engineer at Amazon Web Services (AWS).

Wieczorkiewicz reported the issue to Intel, and after further investigation, company concluded that the patches released in August 2018 for the Foreshadow vulnerability (L1TF) apply to this new attack as well.

A list of Intel processors vulnerable to Snoop attacks is available here. The list includes Intel series, such as Core and Xeon processors.

On a technical level, the new Snoop attack exploits CPU mechanisms such as multiple levels of cache, cache consistency and bus snooping. Below is a simple, non-technical explanation of why the attack exists and how it works.

Processors, cache levels, cache consistency and bus snooping

Today, most modern processors have multiple levels of cache available to store data while processing within the CPU.

Depending on the CPU specifications, there could be a Level 1 (L1), Level 2 (L2) or even Level 3 (L3) cache.

The most commonly used cache level is L1, which is split into two, with one available for user data processing (L1D) and the second for handling of the CPU instruction code (L1I).

Because of the multi-core architectures and multiple cache levels, data is often stored in multiple CPU caches at the same time, even within RAM.

Cache consistency is the process of keeping all cache levels in sync so that L2, L3 and RAM have the same data that are in the L1D cache, the place where they usually change first.

The term "bus snooping" (or "snooping") is the function by which the CPU updates all cache levels when a change occurs in the L1D.

Wieczorkiewicz found that under certain conditions malicious code could exploit the bus snooping feature and cause errors leaking data from the cache coherence process - namely the cache data currently being modified in L1D cache and the efficient leakage of data from the CPU internal memory.

Snoop attacks do not work if you apply L1TF patches

The main disadvantage of this attack is that the malicious code running on one CPU kernel can leak data from other kernels, a problem in cloud computing and in virtual environments.

The good news is that this attack is incredibly difficult and does not return large amounts of data (unlike the original Meltdown and Specter vulnerabilities).

In addition, Intel says the attack also requires conditions that are difficult to satisfy in the real world.

"Given the many complex requirements that must be met in order to be successful, Intel does not believe that Snoop Assisted L1 Data Sampling is a practical method in real-world environments where the operating system is reliable," Intel said.

For users using systems High Risk, the chip maker recommends that the Foreshadow (L1TF) patches released in August 2018 be implemented.

In addition, disabling Intel TSX (Transactional Synchronization Extensions) also significantly reduces all vulnerabilities and makes Snoop attacks even tougher.

Snoop attack can be difficult to accomplish, but it's still notable because it exposes a new vector of attack within functions bus snooping, an area of ​​modern CPU architecture that had not been tested as a possible attack before.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

Instagram: How to enable notifications for specific profiles

There are some profiles on Instagram where you want to see the content they publish as soon as possible - it can be a news ...
00:01:55

NASA's historic launch pad is to be demolished

NASA's famous Mobile Launcher Platform-2 launch platform, which has been linked to the Apollo and Space Shuttle missions, ...
00:02:12

Elon Musk: Gives $ 100 million for best CO2 capture technology

https://www.youtube.com/watch?v=Y0iUZc30vj4 Ο Elon Musk δήλωσε χθες, στο λογαριασμό του στο Twitter, ότι σκοπεύει να δώσει 100 εκατομμύρια...

How can you unblock sites and services using a VPN?

The Internet is free and open to all. However, there are some sites and services whose content is blocked, which ...

Google Chrome: How to manage your extensions?

Google Chrome extensions can be very useful, as they improve your productivity when using the browser.

Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...