Exploits: AMD - TakeAWay, Intel - CSME

[grarpamp]

https://mlq.me/download/takeaway.pdf
https://www.amd.com/en/corporate/product-security


https://thehackernews.com/2020/03/intel-csme-vulnerability.html

https://thehackernews.com/2020/03/amd-processors-vulnerability.html

1.5+ YEARS, lol at responsible disclosure (irresponsible suppression)


9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks
March 09, 2020 Ravie Lakshmanan
amd processor vulnerability
AMD processors from as early as 2011 to 2019 carry previously
undisclosed vulnerabilities that open them to two new different
side-channel attacks, according to a freshly published research.

Known as "Take A Way," the new potential attack vectors leverage the
L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture
to leak sensitive data from the processors and compromise the security
by recovering the secret key used during encryption.

The research was published by a group of academics from the Graz
University of Technology and Research Institute of Computer Science
and Random Systems (IRISA), who responsibly disclosed the
vulnerabilities to AMD back in August 2019.

"We are aware of a new white paper that claims potential security
exploits in AMD CPUs, whereby a malicious actor could manipulate a
cache-related feature to potentially transmit user data in an
unintended way," AMD said in an advisory posted on its website over
the weekend.

"The researchers then pair this data path with known and mitigated
software or speculative execution side-channel vulnerabilities. AMD
believes these are not new speculation-based attacks."

While the notification doesn't go into specifics about mitigating the
attack, Vedad Hadžić, one of the key researchers on the paper, said
the vulnerability is still open to active exploitation.

With Intel coming under scrutiny for a string of flaws in its CPUs —
from Meltdown, Spectre, ZombieLoad to the recent unpatchable CSME
firmware flaw — the research is a reminder that no processor
architecture is fully secure.

It's worth noting that some of the co-authors listed in the study were
also behind uncovering the Meltdown, Spectre, and ZombieLoad
vulnerabilities.

Collide+Probe and Load+Reload Attacks

Like the Intel Spectre attack, the pair of exploits — dubbed
Collide+Probe and Load+Reload — manipulate the aforementioned L1D
cache predictor in order to access data that should otherwise be
secure and inaccessible.

    "With Collide+Probe, an attacker can monitor a victim's memory
accesses without knowledge of physical addresses or shared memory when
time-sharing a logical core," the researchers outlined. "With
Load+Reload, we exploit the way predictor to obtain highly-accurate
memory-access traces of victims on the same physical core."


L1D cache way predictor is an optimization mechanism that aims to
reduce the power consumption associated with accessing cached data in
memory:

    "The predictor computes a μTag using an undocumented hash function
on the virtual address. This μTag is used to look up the L1D cache way
in a prediction table. Hence, the CPU has to compare the cache tag in
only one way instead of all possible ways, reducing the power
consumption."


The newly discovered cache attacks work by reverse-engineering this
hashing function to track memory accesses from an L1D cache. While
Collide+Probe exploits μTag collisions in AMD's L1D cache way
predictor, Load+Reload takes advantage of the way predictor's handling
of aliased addresses in the memory.

In other words, the two attack techniques can be employed to
exfiltrate sensitive data from another process, sharing the same
memory as the attacker or a process that's running on a different
logical core of the CPU.

To demonstrate the impact of the side-channel attacks, the researchers
established a cache-based covert channel that exfiltrated data from a
process running on the AMD CPU to another stealthy process, achieving
a maximum transmission rate of 588.9kB/s using 80 channels in parallel
on the AMD Ryzen Threadripper 1920X processor.

With AMD's EPYC processors being embraced by popular cloud platforms
such as Amazon, Google, and Microsoft, the fact that these attacks can
be carried out in a cloud setting poses significant concerns.

Furthermore, the security researchers were able to successfully stage
a Collide+Probe attack on some common browsers, namely Chrome and
Firefox, by bypassing address space layout randomization (ASLR) in
browsers, thereby reducing the entropy, and retrieving address
information.

ASLR is a security implementation that's used to randomize and mask
the exact locations of code and key data areas inside a CPU's memory.
Put another way, it hinders a potential attacker from guessing target
addresses and jumping to specific sections in the memory.

    "In Firefox, we are able to reduce the entropy by 15 bits with a
success rate of 98% and an average run time of 2.33 s (σ=0.03s,
n=1000)," the researchers noted. "With Chrome, we can correctly reduce
the bits with a success rate of 86.1% and an average run time of 2.90s
(σ=0.25s, n=1000)."


Subsequently, the researchers used the same Collide+Probe attack to
leak kernel memory data and even recover the encryption key from a
T-table implementation that stores intermediate results of
cryptographic operations using the AES cipher.

Mitigating the Attack

The good news is that the twin attacks can be mitigated through a
variety of hardware-only, hardware and software changes, and
software-only solutions — including designing the processor in a way
that allows for dynamically disabling the way predictor temporarily
and clearing the state of the way predictor when switching between
kernel mode and user mode.

This is not the first time AMD processors have been found to be
vulnerable to CPU attacks, including Spectre, forcing the company to
release a slew of patches.

It remains to be seen if AMD will fix the flaws highlighted in the new
research. We've reached out to AMD for comment and will update the
story if we hear back.
"