Hi all
It seems that researchers/bug hunters have found another flaw in the design of certain Intel CPUs.
https://www.theregister.co.uk/2018/08/1 ... al_damage/
Thus far, it has been termed "Foreshadow" and relates to how SGX is implemented in the CPU, which helps to authenticate some software via a process called "attestation".
So far, not a lot is known (though that will change for sure) but it seems likely that this might also affect DRM security on other forms of media.
I assume that now this is out in the open, that Intel will get some patches issued that may fix things. Indeed it seems that in fixing this issue, two other flaws have been found as well.
As to how widespread this issue is, remains to be seen and of course what affect it will have, if any, on any PC.
regards
Tim
Another Intel CPU flaw
-
- UBT Forum Admin
- Posts: 9686
- Joined: Mon Mar 13, 2006 12:00 am
- Location: NW Midlands
- Contact:
Re: Another Intel CPU flaw
https://software.intel.com/security-sof ... inal-fault
However ...
Mark
So a patch from Intel and an update to Windows from Microsoft and VMWare from Oracle.L1 Terminal Fault-SGX (CVE-2018-3615)—Systems with microprocessors utilizing speculative execution and Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis.
snip
Intel has released new microcode for many processors affected by L1TF.
snip
While these microcode updates provide important mitigation during enclave entry and exit, updated microcode by itself is not sufficient to protect against L1TF. Deploying OS and VMM updates is also required to mitigate L1TF.
However ...
So no hyperthreading even when patched?When hyperthreading is enabled, the possibility of L1TF or E2E attacks from the sibling logical processor still exists before the enclave secret in L1 data cache is flushed or cleared.
Mark