Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

silversurfer

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs.

Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as Zenbleed (CVE-2023-20593).

"Downfall attacks target a critical weakness found in billions of modern processors used in personal and cloud computers," Daniel Moghimi, senior research scientist at Google, said. "This vulnerability [...] enables a user to access and steal data from other users who share the same computer."
"[Downfall and Zenbleed] allow an attacker to violate the software-hardware boundary established in modern processors," Tavis Ormandy and Moghimi noted. "This could allow an attacker to access data in internal hardware registers that hold information belonging to other users of the system (both across different virtual machines and different processes)."
 

vtqhtr413


It's like a nesting doll of security flaws

AMD processor users, you have another data-leaking vulnerability to deal with: like Zenbleed, this latest hole can be used to steal sensitive data from a running vulnerable machine.… The flaw (CVE-2023-20569), dubbed Inception in reference to the Christopher Nolan flick about manipulating a person's dreams to achieve a desired outcome in the real world, was disclosed by ETH Zurich academics this week. And yes, it's another speculative-execution-based side-channel that malware or a rogue logged-in user can abuse to obtain passwords, secrets, and other data that should be off limits.
 

[correlate]

Spectre is a critical CPU vulnerability that was first disclosed in 2018. It exploits the architecture of modern microprocessors, including those developed by Intel, AMD, and Arm. Spectre is a speculative execution vulnerability, which targets a fundamental optimization technique used by processors to improve performance. Speculative execution allows processors to predict and execute upcoming instructions, which can speed up overall performance by executing tasks before they are actually needed. However, Spectre exploits the speculative execution process to leak sensitive data from a computer's memory, potentially exposing highly confidential information such as passwords, encryption keys, and other sensitive data.
 

vtqhtr413

Microsoft published a support article about the recently disclosed CVE-2022-40982 vulnerability, commonly referred to as Downfall, that affects Windows devices. The vulnerability was disclosed earlier this month. It affects several Intel processor versions and all supported versions of Windows 10, Windows 11 and Windows Server versions 2019 and 2022. Microsoft provides guidance about the security issue in the support document KB5029778. There, the company explains how system administrators may install protections against potential exploits and how to disable the protections.

Successful exploitation of the vulnerability could "be used to infer data from affected CPUs across security boundaries such as user-kernel, processes, virtual machines (VMs), and trusted execution environments". Administrators need to install the Intel Platform Update 23.3 microcode update to mitigate the vulnerability. The update is usually supplied by the original equipment manufacturer and Microsoft recommends contacting the manufacturer for information on obtaining and installing the update. A list of companies and links to driver and software download websites are available on the Intel website.

Intel's latest products are not affected by the vulnerability, including Alder Lake, Raptor Lake and Sapphire Rapids.
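
For Linux hosts, the kernel reports the mitigation state that the microcode guidance above is meant to achieve; the script below is an added example, not part of the thread or of any vendor advisory, that reads that report for Downfall and Inception and classifies it. It assumes a kernel recent enough to expose the `gather_data_sampling` and `spec_rstack_overflow` files under `/sys/devices/system/cpu/vulnerabilities`; the function names are hypothetical, and CVEs without a mapping in the script are reported as unknown.

```shell
#!/bin/sh
# Added example: audit Downfall / Inception mitigation status on Linux.
# Assumption: the kernel exposes the sysfs files named below; older
# kernels do not have them and are reported as "unknown file-missing".

# Map a CVE from this thread to its sysfs vulnerability file name.
cve_to_file() {
    case "$1" in
        CVE-2022-40982) echo gather_data_sampling ;;   # Downfall
        CVE-2023-20569) echo spec_rstack_overflow ;;   # Inception
        *) return 1 ;;                                 # no mapping in this script
    esac
}

# classify_status "<sysfs line>" -> ok | vulnerable | unknown
# Matching is by prefix, so detail after the colon does not matter.
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                  echo vulnerable ;;
        *)                              echo unknown ;;  # e.g. guest VM, hypervisor-dependent
    esac
}

# check_cve CVE [DIR] -> prints "<CVE> <verdict> <raw status>"
# DIR defaults to the real sysfs path; pass another directory to test offline.
check_cve() {
    dir=${2:-/sys/devices/system/cpu/vulnerabilities}
    file=$(cve_to_file "$1") || { echo "$1 unknown no-sysfs-mapping"; return 0; }
    if [ -r "$dir/$file" ]; then
        status=$(cat "$dir/$file")
        echo "$1 $(classify_status "$status") $status"
    else
        echo "$1 unknown file-missing"
    fi
}

# Report on the two CVEs this script maps.
for cve in CVE-2022-40982 CVE-2023-20569; do
    check_cve "$cve"
done
```

A `vulnerable` verdict whose raw status mentions missing microcode points to the OEM firmware or microcode update described above; an `unknown` verdict inside a virtual machine means the answer depends on the hypervisor host.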
 
