Intel yesterday announced three new critical vulnerabilities in its CPUs that were discovered by the Universities of Leuven, Michigan and Adelaide and the Israel Institute of Technology. Processors in the widely used Core and Xeon series are affected.
Intel has given the vulnerabilities as single name: L1 Terminal Fault (L1TF). The University of Leuven calls the leak Foreshadow.
Through the vulnerabilities researchers can gain access to isolated parts of the processor. In these parts sensitive data of users is processed, such as passwords. Since 2015, Intel protects sensitive parts of the processor with a technology it calls Intel Software Guard Extension (Intel SGX). The security researchers found a way to crack the protection by abusing a method in the processor that should ensure the processor works as efficient as possible.
Modern processors do this by predicting upcoming tasks. Sometimes the predictions are wrong, but the processor nevertheless already loaded the required data. Sometimes this is sensitive data, that is normally deleted once the processor knows its prediction was wrong, and it doesn’t need the data. Intel SGX however, doesn’t always properly delete that data and therefore traces of the sensitive data are left.
Based on those traces, the researchers were able to gain access to normally isolated parts of the processors. The researchers found three methods to abuse nearly the same vulnerability.
Intel was aware of the vulnerabilities for a couple months already and the chip giant will start to release updates for operating systems that support Intel chips immediately. The updates fix two vulnerabilities that can especially impact consumers. Data centers will likely have to take additional measures. Both Microsoft and Oracle have informed their professional users about the consequences of the vulnerabilities. According to Intel, the updates should have hardly any effect on the performance of the processors and there are no reports where the vulnerabilities were exploited in ‘the wild’.
It’s not the first time Intel’s processors are affected by security issues. Earlier this year the vulnerabilities Meltdown and Spectre were revealed. Updates for these leaks did slightly lowered performance of affected CPUs.
Update: An Intel spokesperson adds, “L1 Terminal Fault is addressed by microcode updates released earlier this year, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We’ve provided more information on our web site and continue to encourage everyone to keep their systems up to date, as its one of the best ways to stay protected. We’d like to extend our thanks to the researchers at imec-DistriNet, KU Leuven, Technion- Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 and our industry partners for their collaboration in helping us identify and address this issue.”