9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks

amd processor vulnerabilityamd processor vulnerability

AMD processors from as early as 2011 to 2019 carry previously
undisclosed vulnerabilities that open them to two new different
side-channel attacks, according to a freshly published research.

Known as “Take A Way[1],” the new potential
attack vectors leverage the L1 data (L1D) cache way predictor in
AMD’s Bulldozer microarchitecture to leak sensitive data from the
processors and compromise the security by recovering the secret key
used during encryption.

The research was published by a group of academics from the Graz
University of Technology and Research Institute of Computer Science
and Random Systems (IRISA), who responsibly disclosed the
vulnerabilities to AMD back in August 2019.

“We are aware of a new white paper that claims potential
security exploits in AMD CPUs, whereby a malicious actor could
manipulate a cache-related feature to potentially transmit user
data in an unintended way,” AMD said[2] in an advisory posted on
its website over the weekend.

“The researchers then pair this data path with known and
mitigated software or speculative execution side-channel
vulnerabilities. AMD believes these are not new speculation-based
attacks.”

While the notification doesn’t go into specifics about mitigating
the attack, Vedad Hadžić, one of the key researchers on the paper,
said the vulnerability is
still open
to active exploitation.

With Intel coming under scrutiny for a string of flaws in its
CPUs — from Meltdown,
Spectre
[4], ZombieLoad[5]
to the recent unpatchable CSME
firmware flaw
[6]
— the research is a reminder that no processor architecture is
fully secure.

It’s worth noting that some of the co-authors listed in the
study were also behind uncovering the Meltdown, Spectre, and
ZombieLoad vulnerabilities.

Collide+Probe and Load+Reload Attacks

Like the Intel Spectre attack, the pair of exploits — dubbed
Collide+Probe and Load+Reload — manipulate the
aforementioned L1D cache predictor in order to access data that
should otherwise be secure and inaccessible.

“With Collide+Probe, an attacker can monitor a victim’s memory
accesses without knowledge of physical addresses or shared memory
when time-sharing a logical core,” the researchers outlined. “With
Load+Reload, we exploit the way predictor to obtain highly-accurate
memory-access traces of victims on the same physical core.”

L1D cache way predictor is an optimization mechanism that aims to
reduce the power consumption associated with accessing cached data
in memory:

“The predictor computes a μTag using an undocumented hash function
on the virtual address. This μTag is used to look up the L1D cache
way in a prediction table. Hence, the CPU has to compare the cache
tag in only one way instead of all possible ways, reducing the
power consumption.”

The newly discovered cache attacks work by reverse-engineering this
hashing function to track memory accesses from an L1D cache. While
Collide+Probe exploits μTag collisions in AMD’s L1D cache way
predictor, Load+Reload takes advantage of the way predictor’s
handling of aliased addresses in the memory.

In other words, the two attack techniques can be employed to
exfiltrate sensitive data from another process, sharing the same
memory as the attacker or a process that’s running on a different
logical core of the CPU.

To demonstrate the impact of the side-channel attacks, the
researchers established a cache-based covert channel that
exfiltrated data from a process running on the AMD CPU to another
stealthy process, achieving a maximum transmission rate of
588.9kB/s using 80 channels in parallel on the AMD Ryzen
Threadripper 1920X processor.

With AMD’s EPYC processors being embraced by popular cloud
platforms such as Amazon, Google, and
Microsoft, the
fact that these attacks can be carried out in a cloud setting poses
significant concerns.
[7][8][9]

Furthermore, the security researchers were able to successfully
stage a Collide+Probe attack on some common browsers, namely Chrome
and Firefox, by bypassing address space layout randomization (ASLR)
in browsers, thereby reducing the entropy, and retrieving address
information.

ASLR is a security implementation that’s used to randomize and
mask the exact locations of code and key data areas inside a CPU’s
memory. Put another way, it hinders a potential attacker from
guessing target addresses and jumping to specific sections in the
memory.

“In Firefox, we are able to reduce the entropy by 15 bits with a
success rate of 98% and an average run time of 2.33 s (σ=0.03s,
n=1000),” the researchers noted. “With Chrome, we can correctly
reduce the bits with a success rate of 86.1% and an average run
time of 2.90s (σ=0.25s, n=1000).”

Subsequently, the researchers used the same Collide+Probe attack to
leak kernel memory data and even recover the encryption key from a
T-table implementation that stores intermediate results of
cryptographic operations using the AES cipher.

Mitigating the Attack

The good news is that the twin attacks can be mitigated through a
variety of hardware-only, hardware and software changes, and
software-only solutions — including designing the processor in a
way that allows for dynamically disabling the way predictor
temporarily and clearing the state of the way predictor when
switching between kernel mode and user mode.

This is not the first time AMD processors have been found to be
vulnerable to CPU attacks, including Spectre[10], forcing the company to
release a slew of patches.

It remains to be seen if AMD will fix the flaws highlighted in
the new research. We’ve reached out to AMD for comment and will
update the story if we hear back.

[3]

References

  1. ^
    Take A Way
    (mlq.me)
  2. ^
    AMD
    said
    (www.amd.com)
  3. ^
    vulnerability is still open
    (twitter.com)
  4. ^
    Meltdown, Spectre
    (thehackernews.com)
  5. ^
    ZombieLoad
    (thehackernews.com)
  6. ^
    unpatchable CSME firmware flaw
    (thehackernews.com)
  7. ^
    Amazon
    (aws.amazon.com)
  8. ^
    Google
    (cloud.google.com)
  9. ^
    Microsoft
    (azure.microsoft.com)
  10. ^
    Spectre
    (www.amd.com)

Read more

Leave a Reply