We're live now on Twitch!
You can sign up to get a daily email of our articles, see the Mailing List page!

Say hello to your new best friend 'LVI' - another security flaw in CPUs for Intel

By - | Views: 24,401

Security? What security? Say hello to 'LVI' (Load Value Injection), a new class of' transient-execution attacks' exploiting flaws in modern processors and it defeats all existing countermeasures.

Oh hell. This comes shortly after Intel had another one announced that was 'unfixable', plus one for AMD too and now this all in the space of a month. Rough time right now, for Intel specifically on this one.

LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.

It's serious, as they claim the difficulty in solving it is much harder than all previous attacks and will require some computationally expensive software patches. They say it may "slow down Intel SGX enclave computations 2 up to 19 times"—ouch.

They give a quick 4-step process to LVI:

  1. Poison a hidden processor buffer with attacker values.
  2. Induce a faulting or assisted load in the victim program.
  3. The attacker's value is transiently injected into code gadgets following the faulting load in the victim program.
  4. Side channels may leave secret-dependent traces, before the processor detects the mistake and rolls back all operations.

You can also see a demo video below:

YouTube Thumbnail
YouTube videos require cookies, you must accept their cookies to view. View cookie preferences.
Accept Cookies & Show   Direct Link

What about AMD? Well, their current assessment is that LVI only applies to Intel processors that have SGX tech. However, it can affect any other processor if they're vulnerable to a Meltdown-type data leakage.

See more about it on the official site and the research paper is found here. You can see the official Intel security advisory here, plus a list of affected processor products here. Additionally, Intel have their own deep dive here.

Article taken from GamingOnLinux.com.
Tags: Hardware, Intel, Security
23 Likes, Who?
We do often include affiliate links to earn us some pennies. We are currently affiliated with GOG, Humble Store and Paradox Interactive. See more here.
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly came back to check on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly.
See more from me
26 comments
Page: 1/3»
  Go to:

Comandante Ñoñardo 10 March 2020 at 9:37 pm UTC
View PC info
This is why we need another player in the x86 CPU market: Nvidia
dpanter 10 March 2020 at 10:04 pm UTC
View PC info
  • Supporter
  • Top Supporter
Another day, another Intel security disaster.
It's not like people warned about this back in 2014 or anything.
Dedale 10 March 2020 at 10:19 pm UTC
View PC info
Comandante ÑoñardoThis is why we need another player in the x86 CPU market: Nvidia

I am not certain it would improve security this way. Intel and AMD have more experience and their CPU's are under more scrutiny. Some other designs may be secure by obscurity.
PopeRigby 10 March 2020 at 10:19 pm UTC
View PC info
  • Supporter
Comandante ÑoñardoThis is why we need another player in the x86 CPU market: Nvidia

I'd love to see RISC-V be a viable desktop architecture. We need fully open source CPUs to help with security issues like this.
Purple Library Guy 10 March 2020 at 10:23 pm UTC
dpanterAnother day, another Intel security disaster.
It's not like people warned about this back in 2014 or anything.
Interesting article. As soon as they described just what the point of SGX was, I immediately thought "Wait, couldn't you use that to make malware that was basically unfindable and undeletable?" and, later on in the article, it indeed brings up that exact issue.
I don't really know anything about computers, at a technical level. If I could figure that out in three seconds, why couldn't the engineers at Intel?
Cybolic 10 March 2020 at 10:46 pm UTC
View PC info
  • Supporter
Is SGX actually used in any way on a standard Linux desktop though?
Linas 10 March 2020 at 10:47 pm UTC
View PC info
  • Supporter
  • Top Supporter
Purple Library GuyI immediately thought "Wait, couldn't you use that to make malware that was basically unfindable and undeletable?" ... I don't really know anything about computers, at a technical level. If I could figure that out in three seconds, why couldn't the engineers at Intel?
Not an expert on the issue, but my bet would be DRM and enterprise environments where they want to lock down and control everything. Many of those "security" and "management" applications are not that dissimilar from spyware in the first place. At least that was probably the original intent. In practice I am yet to see this used for anything other than an attack vector.
omer666 10 March 2020 at 10:49 pm UTC
View PC info
Comandante ÑoñardoThis is why we need another player in the x86 CPU market: Nvidia
God no! Not them!
They are as unfriendly towards open source as a vendor can get. Also don't forget their GPUs already have security flaws to begin with.
mirv 10 March 2020 at 10:50 pm UTC
View PC info
  • Supporter
  • Top Supporter
PopeRigby
Comandante ÑoñardoThis is why we need another player in the x86 CPU market: Nvidia

I'd love to see RISC-V be a viable desktop architecture. We need fully open source CPUs to help with security issues like this.

RISC-V is nowhere near able to approach anything like the performance of modern x86 desktop processors. There are good reasons for this, and RISC-V isn't intended to even try and approach such a goal.

In several years though, maybe it could be sufficient for simple desktops, just like a raspberry pi can be used for simple desktops. If there are some architectural changes to RISC-V.
Linas 10 March 2020 at 10:51 pm UTC
View PC info
  • Supporter
  • Top Supporter
CybolicIs SGX actually used in any way on a standard Linux desktop though?
No. There exist a Linux SGX implementation from Intel themselves, but I am not aware of any application actually using it for anything. Definitely not on your regular desktop at least.


Last edited by Linas on 10 March 2020 at 10:52 pm UTC
While you're here, please consider supporting GamingOnLinux on Patreon, Liberapay or Paypal. We have no adverts, no paywalls, no timed exclusive articles. Just good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!

You need to Register and Login to comment, submit articles and more.

Or login with...
Sign in with Steam Sign in with Google
Register Forgot Login?
Sales
Visit sales page
Livestreams & Videos
None currently, submit yours here!
Add your own livestream here.
Popular this week
View by Category
Contact
Latest Comments
Latest Forum Posts
Misc