New Spectre derivative bug haunts Intel processors

Intel just can’t catch a break these days. Researchers at Ohio State University have found a way to use the Spectre design flaw to break into the SGX secure environment of an Intel CPU to steal information.

SGX stands for Software Guard eXtensions. It was first introduced in 2014 and is a mechanism that allows applications to put a ring around sections of memory that blocks other programs, the operating system, or even a hypervisor from accessing it.

These walled-off areas are called enclaves, and they are typically used to run things such as DRM code without allowing anyone, even privileged malware, to spy on the decryption keys. It can also allow sensitive code to be run on an otherwise untrusted or unsecured machine.

The researchers noted that because there are vulnerable code patterns inside the SDK runtime libraries, any code developed with Intel’s official SGX SDK will be impacted by the attacks. It doesn’t matter how the enclave program is implemented.

The researchers who found the exploit have dubbed it SgxPectre. Like Spectre and Meltdown, it allows malicious code to access and read the memory. The good news is that exploiting the vulnerabilities requires local access. You must have direct access to the computer; it can’t be done remotely or through a driveby web attack.

Intel fix for SgxPectre exploit due March 16

Another bit of good news is Intel is preparing a fix for release on March 16, via software, and it won’t impact performance the way Meltdown software fixes knee-capped performance of cloud providers like Amazon by up to 20 percent.

The researchers who found it are from Ohio State University, and they are all Chinese: Professors Yinqian Zhang, Zhiqiang Lin, and Ten Lai and students Guoxing Chen, Sanchuan Chen, and Yuan Xiao. Let the conspiracy theories begin. They have posted a how-to video with sample code on GitHub, stating, “Similar to their non-SGX counterparts, SgxPectre attacks exploit the race condition between the injected, speculatively executed memory references and the latency of the branch resolution.”

The team also published a formal paper outlining how malicious program can take advantage of the CPU’s branch predictor so that when the processor is executing SGX enclave code, the contents of the secure environment’s private memory and CPU registers can be observed via slight changes to the state of the cache.

Since the problem is in the SDK, it’s a software bug, so a software fix is easy. At least compared to rearchitecting a CPU. Intel responded with the following statement:

“We are aware of the research paper from Ohio State and have previously provided information and guidance online about how Intel SGX may be impacted by the side channel analysis vulnerabilities. We anticipate that the existing mitigations for Spectre and Meltdown, in conjunction with an updated software development toolkit for SGX application providers — which we plan to make available on March 16 — should be effective against the methods described in that research. We recommend customers make sure they are always using the most recent version of the toolkit.”