
9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks

March 9, 2020

AMD processors made between 2011 and 2019 carry previously undisclosed vulnerabilities that open them to two new side-channel attacks, according to freshly published research.

Known as “Take A Way,” the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD’s Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.

The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019.

“We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way,” AMD said in an advisory posted on its website over the weekend.

“The researchers then pair this data path with known and mitigated software or speculative execution side-channel vulnerabilities. AMD believes these are not new speculation-based attacks.”

While the notification doesn’t go into specifics about mitigating the attack, Vedad Hadžić, one of the key researchers on the paper, said the vulnerability is still open to active exploitation.

With Intel coming under scrutiny for a string of flaws in its CPUs — from Meltdown, Spectre, ZombieLoad to the recent unpatchable CSME firmware flaw — the research is a reminder that no processor architecture is fully secure.

It’s worth noting that some of the co-authors listed in the study were also behind uncovering the Meltdown, Spectre, and ZombieLoad vulnerabilities.

Collide+Probe and Load+Reload Attacks

Like the Intel Spectre attack, the pair of exploits — dubbed Collide+Probe and Load+Reload — manipulate the aforementioned L1D cache predictor in order to access data that should otherwise be secure and inaccessible.

“With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core,” the researchers outlined. “With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core.”

The L1D cache way predictor is an optimization mechanism that aims to reduce the power consumption associated with accessing cached data in memory:

“The predictor computes a μTag using an undocumented hash function on the virtual address. This μTag is used to look up the L1D cache way in a prediction table. Hence, the CPU has to compare the cache tag in only one way instead of all possible ways, reducing the power consumption.”

The newly discovered cache attacks work by reverse-engineering this hashing function to track memory accesses from an L1D cache. While Collide+Probe exploits μTag collisions in AMD’s L1D cache way predictor, Load+Reload takes advantage of the way predictor’s handling of aliased addresses in the memory.

In other words, the two attack techniques can be employed to exfiltrate sensitive data from another process that shares the same memory as the attacker, or from a process that’s running on a different logical core of the CPU.

To demonstrate the impact of the side-channel attacks, the researchers established a cache-based covert channel that exfiltrated data from a process running on the AMD CPU to another stealthy process, achieving a maximum transmission rate of 588.9kB/s using 80 channels in parallel on the AMD Ryzen Threadripper 1920X processor.

With AMD’s EPYC processors being embraced by popular cloud platforms such as Amazon, Google, and Microsoft, the fact that these attacks can be carried out in a cloud setting poses significant concerns.

Furthermore, the security researchers were able to successfully stage a Collide+Probe attack on some common browsers, namely Chrome and Firefox, by bypassing address space layout randomization (ASLR) in browsers, thereby reducing the entropy, and retrieving address information.

ASLR is a security implementation that’s used to randomize and mask the exact locations of code and key data areas inside a CPU’s memory. Put another way, it hinders a potential attacker from guessing target addresses and jumping to specific sections in the memory.

“In Firefox, we are able to reduce the entropy by 15 bits with a success rate of 98% and an average run time of 2.33 s (σ=0.03s, n=1000),” the researchers noted. “With Chrome, we can correctly reduce the bits with a success rate of 86.1% and an average run time of 2.90s (σ=0.25s, n=1000).”

Subsequently, the researchers used the same Collide+Probe attack to leak kernel memory data and even recover the encryption key from a T-table implementation that stores intermediate results of cryptographic operations using the AES cipher.

Mitigating the Attack

The good news is that the twin attacks can be mitigated through a variety of hardware-only, hardware and software changes, and software-only solutions — including designing the processor in a way that allows for dynamically disabling the way predictor temporarily and clearing the state of the way predictor when switching between kernel mode and user mode.
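The toy model below is an added example, not code from the researchers or AMD. It shows why a μTag collision makes a victim's access observable and why clearing the predictor state removes that dependence. The hash function, table layout, and addresses are constructed assumptions (the real μTag function is undocumented), and the model generalizes the kernel/user-mode clearing to clearing on every switch between two contexts.

```python
# Toy model: one predictor entry per (cache set, uTag). Not AMD's real design.
LINE_BITS, SET_BITS = 6, 6          # assumed: 64-byte lines, 64 sets

def cache_set(va):
    return (va >> LINE_BITS) & ((1 << SET_BITS) - 1)

def utag(va):
    # Constructed stand-in hash; the real function is undocumented.
    return ((va >> 12) ^ (va >> 20)) & 0xFF

class WayPredictor:
    def __init__(self):
        self.table = {}              # (set, uTag) -> (context id, virtual address)

    def load(self, ctx, va):
        """Return True if the predictor already points at this line (fast path)."""
        key = (cache_set(va), utag(va))
        predicted = self.table.get(key) == (ctx, va)
        self.table[key] = (ctx, va)  # the most recent access owns the entry
        return predicted

    def flush(self):
        self.table.clear()           # mitigation: drop predictor state

# Constructed addresses: same set and same uTag under the stand-in hash.
OBSERVER, VICTIM = 0, 1
OBSERVER_VA, VICTIM_VA = 0x60100040, 0x50001040

def probe(victim_touches, flush_on_switch):
    wp = WayPredictor()
    wp.load(OBSERVER, OBSERVER_VA)           # observer's line owns the entry
    if flush_on_switch:
        wp.flush()                           # switch to victim
    if victim_touches:
        wp.load(VICTIM, VICTIM_VA)           # colliding access replaces the entry
    if flush_on_switch:
        wp.flush()                           # switch back
    return wp.load(OBSERVER, OBSERVER_VA)    # True = still predicted

def leaks(flush_on_switch):
    # A signal exists only if the probe outcome depends on the victim's access.
    return probe(True, flush_on_switch) != probe(False, flush_on_switch)

if __name__ == "__main__":
    print("no flush:", leaks(False), "| flush on switch:", leaks(True))
```

With flushing enabled the probe always takes the slow path, so its outcome no longer depends on what the other context did; the cost is losing the predictor's benefit after every switch.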

This is not the first time AMD processors have been found to be vulnerable to CPU attacks, including Spectre, forcing the company to release a slew of patches.

It remains to be seen if AMD will fix the flaws highlighted in the new research. We’ve reached out to AMD for comment and will update the story if we hear back.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)
