HOME

TheInfoList



Click Here for Items Related To - Microarchitectural Data Sampling
OR:
Microarchitectural Data Sampling on:   [Wikipedia]   [Google]   [Amazon]

The Microarchitectural Data Sampling (MDS) vulnerabilities are a set of weaknesses in Intel x86 microprocessors that use hyper-threading, and leak data across protection boundaries that are architecturally supposed to be secure. The attacks exploiting the vulnerabilities have been labeled Fallout, RIDL (''Rogue In-Flight Data Load''), ZombieLoad., and ZombieLoad 2.


Description

The vulnerabilities are in the implementation of
speculative execution Speculative execution is an optimization (computer science), optimization technique where a computer system performs some task that may not be needed. Work is done before it is known whether it is actually needed, so as to prevent a delay that woul ...
, which is where the processor tries to guess what instructions may be needed next. They exploit the possibility of reading data buffers found between different parts of the processor. * Microarchitectural Store Buffer Data Sampling (MSBDS), * Microarchitectural Load Port Data Sampling (MLPDS), * Microarchitectural Fill Buffer Data Sampling (MFBDS), * Microarchitectural Data Sampling Uncacheable Memory (MDSUM), *Transactional Asynchronous Abort (TAA)
CVE-2019-11135
Not all processors are affected by all variants of MDS.


History

According to Intel in a May 2019 interview with Wired, Intel's researchers discovered the vulnerabilities in 2018 before anyone else. Other researchers had agreed to keep the exploit confidential as well since 2018. On 14 May 2019, various groups of security researchers, amongst others from Austria's Graz University of Technology, Belgium's Catholic University of Leuven, and Netherlands' Vrije Universiteit Amsterdam, in a disclosure coordinated with Intel, published the discovery of the MDS vulnerabilities in Intel microprocessors, which they named Fallout, RIDL and ZombieLoad. Three of the TU Graz researchers were from the group who had discovered Meltdown and Spectre the year before. On 12 November 2019, a new variant of the ZombieLoad attack, called Transactional Asynchronous Abort, was disclosed.


Impact

According to varying reports, Intel processors dating back to 2011 or 2008 are affected, and the fixes may be associated with a
performance A performance is an act or process of staging or presenting a play, concert, or other form of entertainment. It is also defined as the action or process of carrying out or accomplishing an action, task, or function. Performance has evolved glo ...
drop. Intel reported that processors manufactured in the month before the disclosure have mitigations against the attacks. Intel characterized the vulnerabilities as "low-to-medium" impact, disagreeing with the security researchers who characterized them as major, and disagreeing with their recommendation that operating system software manufacturers should completely disable hyperthreading. Nevertheless, the ZombieLoad vulnerability can be used by hackers exploiting the vulnerability to steal information recently accessed by the affected microprocessor.


Mitigation

Fixes to operating systems, virtualization mechanisms, web browsers and
microcode In processor design, microcode serves as an intermediary layer situated between the central processing unit (CPU) hardware and the programmer-visible instruction set architecture of a computer. It consists of a set of hardware-level instructions ...
are necessary. , applying available updates on an affected PC system was the most that could be done to mitigate the issues. *Intel incorporated fixes in its processors starting shortly before the public announcement of the vulnerabilities. *On 14 May 2019, a mitigation was released for the
Linux kernel The Linux kernel is a Free and open-source software, free and open source Unix-like kernel (operating system), kernel that is used in many computer systems worldwide. The kernel was created by Linus Torvalds in 1991 and was soon adopted as the k ...
, and
Apple An apple is a round, edible fruit produced by an apple tree (''Malus'' spp.). Fruit trees of the orchard or domestic apple (''Malus domestica''), the most widely grown in the genus, are agriculture, cultivated worldwide. The tree originated ...
,
Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...
,
Microsoft Microsoft Corporation is an American multinational corporation and technology company, technology conglomerate headquartered in Redmond, Washington. Founded in 1975, the company became influential in the History of personal computers#The ear ...
, and Amazon released emergency patches for their products to mitigate ZombieLoad. *On 14 May 2019,
Intel Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer compo ...
published a security advisory on its website detailing its plans to mitigate ZombieLoad.


See also

* Transient execution CPU vulnerabilities * Hardware security bug


References


Further reading


Original papers by the researchers

* * * * *


Information from processor manufacturers

* *


External links


Official disclosure website of ZombieLoad

RIDL and Fallout: MDS attacks
'' Vrije Universiteit Amsterdam'' {{Portal bar, Business and economics Transient execution CPU vulnerabilities Intel x86 microprocessors 2019 in computing X86 memory management