Foreshadow, known as L1 Terminal Fault (L1TF) by Intel, is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but was first disclosed to the public on 14 August 2018.
The vulnerability is a speculative execution attack on Intel processors that may result in the disclosure of sensitive information stored in personal computers and third-party clouds.
There are two versions: the first version (original/Foreshadow) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG) targets virtual machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.
A listing of affected Intel hardware has been posted.
Foreshadow is similar to the Spectre security vulnerabilities discovered earlier to affect Intel and AMD chips, and the Meltdown vulnerability that also affected Intel.
AMD products are not affected by the Foreshadow security flaws.
According to one expert, "[Foreshadow] lets malicious software break into secure areas that even the Spectre and Meltdown flaws couldn't crack".
Nonetheless, one of the variants of Foreshadow goes beyond Intel chips with SGX technology, and affects "all [Intel] Core processors built over the last seven years".
Foreshadow may be very difficult to exploit.
As of 15 August 2018, there seems to be no evidence of any serious hacking involving the Foreshadow vulnerabilities.
Nevertheless, applying software patches may help alleviate some concern, although the balance between security and performance may be a worthy consideration.
Companies performing cloud computing may see a significant decrease in their overall computing power; people are unlikely to see any performance impact, according to researchers.
The real fix, according to Intel, is replacing today's processors.
Intel further states, "These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year [2018]."
On 16 August 2018, researchers presented technical details of the Foreshadow security vulnerabilities in a seminar, and publication, entitled "Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution" at a USENIX security conference.
History
Two groups of researchers discovered the security vulnerabilities independently: a Belgian team (including Raoul Strackx, Jo Van Bulck, Frank Piessens) from imec-DistriNet, KU Leuven reported it to Intel on 3 January 2018; a second team from Technion – Israel Institute of Technology (Marina Minkin, Mark Silberstein), University of Adelaide (Yuval Yarom), and University of Michigan (Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch) reported it on 23 January 2018.
The vulnerabilities were first disclosed to the public on 14 August 2018.
Mechanism
The Foreshadow vulnerability is a speculative execution attack on Intel processors that may result in the disclosure of sensitive information stored in personal computers and third-party clouds.
There are two versions: the first version (original/Foreshadow) (attacks SGX) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG) (attacks the OS Kernel and SMM mode, and attacks virtual machines) targets virtual machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.
Intel considers the entire class of speculative execution side channel vulnerabilities as "L1 Terminal Fault" (L1TF).
For Foreshadow, the sensitive data of interest is the encrypted data in an SGX enclave. Usually, an attempt to read enclave memory from outside the enclave is made, speculative execution is permitted to modify the cache based on the data that was read, and then the processor is allowed to block the speculation when it detects that the protected-enclave memory is involved and reading is not permitted. Speculative execution can use sensitive data in a level 1 cache before the processor notices a lack of permission.
The Foreshadow attacks are stealthy, and leave few traces of the attack event afterwards in a computer's logs.
On 16 August 2018, researchers presented technical details of the Foreshadow security vulnerabilities in a seminar, and publication, at a USENIX security conference.
Impact
Foreshadow is similar to the Spectre security vulnerabilities discovered earlier to affect Intel and AMD chips, and the Meltdown vulnerability that affected Intel.
AMD products, according to AMD, are not affected by the Foreshadow security flaws.
According to one expert, "[Foreshadow] lets malicious software break into secure areas that even the Spectre and Meltdown flaws couldn't crack".
Nonetheless, one of the variants of Foreshadow goes beyond Intel chips with SGX technology, and affects "all [Intel] Core processors built over the last seven years".
Intel notes that the Foreshadow flaws could produce the following:
* Malicious applications may be able to infer data in the operating system memory, or data from other applications.
* A malicious guest virtual machine (VM) may infer data in the VM's memory, or data in the memory of other guest VMs.
* Malicious software running outside of SMM may infer data in SMM memory.
* Malicious software running outside of an Intel SGX enclave or within an enclave may infer data from within another Intel SGX enclave.
According to one of the discoverers of the computer flaws: "... the SGX security hole can lead to a 'Complete collapse of the SGX ecosystem.'"
A partial listing of affected Intel hardware has been posted, and is described below.
(Note: a more detailed, and updated, listing of affected products is on the official Intel website.)
* Intel Core i3/i5/i7/M processor (45 nm and 32 nm)
* 2nd/3rd/4th/5th/6th/7th/8th generation Intel Core processors
* Intel Core X-series processor family for Intel X99 and X299 platforms
* Intel Xeon processor 3400/3600/5500/5600/6500/7500 series
* Intel Xeon Processor E3 v1/v2/v3/v4/v5/v6 family
* Intel Xeon Processor E5 v1/v2/v3/v4 family
* Intel Xeon Processor E7 v1/v2/v3/v4 family
* Intel Xeon Processor Scalable family
* Intel Xeon Processor D (1500, 2100)
Foreshadow may be very difficult to exploit, and there seems to be no evidence to date (15 August 2018) of any serious hacking involving the Foreshadow vulnerabilities.
Mitigation
Applying software patches may help alleviate some concern(s), although the balance between security and performance may be a worthy consideration.
Companies performing cloud computing may see a significant decrease in their overall computing power; people are unlikely to see any performance impact, according to researchers.
The real fix, according to Intel, is replacing today's processors.
Intel further states, "These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year [2018]."
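Whether the software mitigations discussed above are active on a Linux host can be read from the kernel's L1TF report, which also shows the security/performance trade-off (L1D flushing and SMT) that matters to virtualization hosts. The following is an added example, not part of the original article: it assumes a Linux kernel that exposes `/sys/devices/system/cpu/vulnerabilities/l1tf`, the function names are illustrative, and the sample status lines are constructed in the format that file uses.

```python
from pathlib import Path

# sysfs file present on Linux kernels that carry the L1TF patches
SYSFS = "/sys/devices/system/cpu/vulnerabilities/l1tf"

def parse_l1tf(status):
    """Split a status line into its host, L1D-flush (VMX) and SMT parts."""
    host, _, vmx_part = status.strip().partition("; VMX: ")
    info = {"host": host, "l1d_flush": None, "smt": None}
    if vmx_part:  # only appended when KVM on Intel VMX is in use
        flush, _, smt = vmx_part.partition(", SMT ")
        info["l1d_flush"] = flush
        info["smt"] = smt or None
    return info

def assess(status):
    """Return notes on residual exposure; an empty list means none reported."""
    info = parse_l1tf(status)
    if info["host"] == "Not affected":
        return []
    notes = []
    if not info["host"].startswith("Mitigation:"):
        notes.append("host: no page-table mitigation reported")
    if info["l1d_flush"] == "vulnerable":
        notes.append("kvm: L1D cache is not flushed on VM entry")
    elif info["l1d_flush"] == "conditional cache flushes":
        notes.append("kvm: L1D flush is conditional, not on every VM entry")
    if info["smt"] == "vulnerable":
        notes.append("kvm: SMT is active, sibling threads share the L1D")
    return notes

def read_status(path=SYSFS):
    """Return the kernel's report, or None on systems without the file."""
    try:
        return Path(path).read_text()
    except OSError:
        return None

# Constructed sample lines in the format the kernel prints.
SAMPLES = [
    "Mitigation: PTE Inversion\n",
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable\n",
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled\n",
]

if __name__ == "__main__":
    live = read_status()
    for line in SAMPLES + ([live] if live else []):
        print(line.strip(), "->", assess(line) or "ok")
```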
See also
* Transient execution CPU vulnerabilities
* BlueKeep (security vulnerability)
* Hardware security bug
* TLBleed, similar security vulnerability
Further reading
Foreshadow – Technical details (USENIX; FSA)