SPOILER Alert – Intel CPUs Impacted by New Vulnerability


In early 2018, the world of processor design was shaken to its core. Spectre and Meltdown had arrived, and the world of processor security would never be the same again. 

Spectre and Meltdown were the first of a new breed of processor vulnerability, taking advantage of speculative execution to allow hackers to access previously inaccessible data. Thankfully, these vulnerabilities are extremely difficult to exploit and have not been utilised by any known malware, at least as far as we are aware.

SPOILER is the latest speculative attack to be uncovered, with a recent academic paper describing how “Speculative Load Hazards Boost Rowhammer and Cache Attacks”. The name “SPOILER” comes from the Speculative (Sp) nature of the exploit and how the issue spoils existing security measures. At this time SPOILER is only known to affect Intel processors, specifically their 1st Generation Core series CPUs and newer CPUs. 

Both AMD and ARM processors were investigated as part of the academic paper, which can be read here, though neither was found to exhibit the same behaviours as Intel’s chips. The issue was found to impact Intel processors regardless of the OS used and was functional both within virtual machines and sandboxed environments.

An Intel Spokesperson released the following statement regarding SPOILER. 

 

     Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research.
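
What "avoiding control flows that are dependent on the data of interest" means in code, shown as an added example that comes from neither Intel nor the SPOILER paper: a comparison that exits early on secret data next to a branch-free version. The function names and the sample tag bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data: a secret tag and two wrong guesses. */
static const uint8_t SAMPLE_TAG[4]  = {0xde, 0xad, 0xbe, 0xef};
static const uint8_t GUESS_EARLY[4] = {0x00, 0xad, 0xbe, 0xef}; /* differs at byte 0 */
static const uint8_t GUESS_LATE[4]  = {0xde, 0xad, 0xbe, 0x00}; /* differs at byte 3 */

/* Leaky: returns at the first mismatch, so the running time depends on
 * how many leading bytes of the secret the guess got right. */
int leaky_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (secret[i] != guess[i])
            return 0;               /* secret-dependent early exit */
    return 1;
}

/* Constant flow: always reads all n bytes and folds the differences into
 * an accumulator; no branch or loop bound depends on secret data. */
int ct_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    volatile uint8_t diff = 0;      /* volatile discourages an optimised early exit */
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    /* Map 0 -> 1 and any non-zero value -> 0 without branching. */
    return (int)(1u & (((uint32_t)diff - 1u) >> 8));
}

/* Branch-free replacement for "secret_bit ? a : b". */
uint32_t ct_select(uint32_t secret_bit, uint32_t a, uint32_t b)
{
    uint32_t mask = (uint32_t)0 - (secret_bit & 1u); /* all ones or all zeros */
    return (a & mask) | (b & ~mask);
}

int main(void)
{
    /* Both functions agree on the result; only leaky_equal does a
     * different amount of work for the early and the late mismatch. */
    printf("leaky: early=%d late=%d match=%d\n",
           leaky_equal(SAMPLE_TAG, GUESS_EARLY, 4),
           leaky_equal(SAMPLE_TAG, GUESS_LATE, 4),
           leaky_equal(SAMPLE_TAG, SAMPLE_TAG, 4));
    printf("ct:    early=%d late=%d match=%d\n",
           ct_equal(SAMPLE_TAG, GUESS_EARLY, 4),
           ct_equal(SAMPLE_TAG, GUESS_LATE, 4),
           ct_equal(SAMPLE_TAG, SAMPLE_TAG, 4));
    return 0;
}
```

Compilers can turn branch-free source back into branches, so the generated assembly should be checked for the build flags actually used.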

  


 

“The root cause for SPOILER is a weakness in the address speculation of Intel’s proprietary implementation of the memory subsystem which directly leaks timing behaviour due to physical address conflicts,” reads the paper, marking Intel’s memory subsystem as the cause for the issue. This makes it possible that future hardware generations will address SPOILER, but for today’s CPUs Intel is going to have to create a software or firmware-level mitigation for the issue, which may come with a performance cost. SPOILER does not appear to be addressed by any of today’s Spectre/Meltdown software/firmware mitigations.

According to the paper, Intel was informed about SPOILER on December 1st 2018, and so far the company doesn’t appear to have any mitigations for the exploit. When speaking to The Register, Ahmad Moghimi, one of the writers of the SPOILER paper, stated that “My personal opinion is that when it comes to the memory subsystem, it’s very hard to make any changes and it’s not something you can patch easily with a microcode without losing tremendous performance”, later adding “I don’t think we will see a patch for this type of attack in the next five years and that could be a reason why they haven’t issued a CVE.” 

You can join the discussion on Intel’s SPOILER exploit on the OC3D Forums.