Intel Processors Affected by Newly Discovered Speculative Execution Flaws
Microarchitectural Data Sampling Flaw Exploited by ZombieLoad Attack
Intel has been in the news in the past 24 hours thanks to the latest CPU side-channel disclosure, the attack the academic researchers named ZombieLoad, though patches have already been released by Microsoft as well as Apple and Google. ZombieLoad is one demonstration of a broader class of vulnerabilities that Intel, in its post yesterday, is calling microarchitectural data sampling (MDS):
“First identified by Intel’s internal researchers and partners, and independently reported to Intel by external researchers, MDS is a sub-class of previously disclosed speculative execution side channel vulnerabilities and is comprised of four related techniques. Under certain conditions, MDS provides a program the potential means to read data that program otherwise would not be able to see. MDS techniques are based on a sampling of data leaked from small structures within the CPU using a locally executed speculative execution side channel. Practical exploitation of MDS is a very complex undertaking. MDS does not, by itself, provide an attacker with a way to choose the data that is leaked.”
Initial reports advised disabling Hyper-Threading as a fix for the vulnerability. The microcode and operating system patches since released flush the affected CPU buffers when crossing a privilege boundary (for example, on return from the kernel to user space), which closes the leak between user and kernel and between a guest and its host. They do not, however, stop code running on the sibling hyperthread of the same core from sampling those buffers while the victim is still running, so Intel's own guidance is that environments which cannot trust the code sharing a physical core, such as hosts running untrusted virtual machines, should still consider disabling SMT. In fact, fixes were already on the way by the time ZombieLoad was announced, as reported by PC World:
“Intel officials also went out of their way to point out that the ZombieLoad research team worked with it and others in the PC industry to put fixes in place before disclosing the exploit.”
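For administrators who want to know where a given Linux host stands after applying the updates, the kernel reports its MDS mitigation state and whether SMT is still exposed through sysfs. The script below is an added example, not code from the original post or from Intel; it classifies that report and, when run on a real x86 Linux machine, reads the status file itself. The status strings it matches are the ones the mainline kernel writes to `/sys/devices/system/cpu/vulnerabilities/mds`; the verdict names (`mitigated`, `smt_vulnerable`, and so on) are this example's own labels.

```shell
#!/bin/sh
# Added example: classify a Linux host's MDS (ZombieLoad) exposure from the
# kernel's own sysfs report. Not code from the article or from Intel.
#
# The kernel writes one line to /sys/devices/system/cpu/vulnerabilities/mds,
# built from a mitigation string:
#   "Vulnerable"
#   "Vulnerable: Clear CPU buffers attempted, no microcode"
#   "Mitigation: Clear CPU buffers"
# followed by "; SMT vulnerable", "; SMT disabled", "; SMT mitigated"
# (the latter only on parts affected solely by the store-buffer variant)
# or "; SMT Host state unknown" when running as a guest.
#
# mds_verdict takes that line as a string, so the logic can be exercised
# offline with constructed inputs. Verdict labels are this example's own:
#   not_affected   - CPU has hardware fixes or is not an affected Intel part
#   mitigated      - buffers are cleared and no sibling thread can sample them
#   smt_vulnerable - buffers are cleared at privilege transitions, but a
#                    sibling hyperthread (or an unknown host) can still sample
#   vulnerable     - no effective mitigation (missing microcode, or disabled)
#   unknown        - unrecognised report; inspect by hand
mds_verdict() {
    case "$1" in
        "Not affected")
            echo not_affected ;;
        Vulnerable*)
            echo vulnerable ;;
        "Mitigation: Clear CPU buffers; SMT disabled"|"Mitigation: Clear CPU buffers; SMT mitigated")
            echo mitigated ;;
        "Mitigation: Clear CPU buffers; SMT vulnerable"|"Mitigation: Clear CPU buffers; SMT Host state unknown")
            # Privilege-boundary flushing is in place, but SMT (or a host we
            # cannot see) leaves the cross-thread channel open.
            echo smt_vulnerable ;;
        *)
            echo unknown ;;
    esac
}

# Read the live report if this is an x86 Linux host with a recent enough
# kernel; otherwise explain why there is nothing to classify.
report_host() {
    f=/sys/devices/system/cpu/vulnerabilities/mds
    if [ -r "$f" ]; then
        status=$(cat "$f")
        printf '%s -> %s\n' "$status" "$(mds_verdict "$status")"
    else
        echo "no MDS status file at $f (kernel predates the MDS patches, or not x86)"
    fi
}

report_host
```

A verdict of `smt_vulnerable` is the case the article glosses over: the patches are installed and working, yet untrusted code on the sibling thread can still sample the buffers. On such a host the remaining choices are to disable SMT (for example with the `mds=full,nosmt` kernel parameter, or by writing `off` to `/sys/devices/system/cpu/smt/control`) or to accept the risk because every thread on the machine is trusted.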
Intel states that hardware MDS mitigations are present in “select” 8th and 9th generation Core processors, and says they “expect all future Intel processors include hardware mitigations addressing these vulnerabilities”. Everything older relies on the microcode and software updates described above. A full list of affected processors is available from Intel here (PDF).