Another vulnerability within Intel processors has been discovered by researchers, and it's yet another substantial flaw for servers in particular.
Tracked down by an extensive team of researchers and Bitdefender, Load Value Injection (also known as LVI) affects many products, from the third-generation Ivy Bridge chips to the 10th-generation Comet Lake series of processors.
Effectively, the issue builds upon the Meltdown vulnerabilities that were previously patched, but it circumvents that patch and continues to attack.
It's considered a 'reverse Meltdown' attack because instead of a hacker extracting data from the processor caches, it injects malicious code into the processing pipeline, allowing it to steal sensitive data and keys from Intel SGX, the secure vault in Intel processors for storing data. It means information such as encryption keys or passwords kept in memory could be accessed, allowing the attacker to gain control of the machine.
Due to how it works, it's much harder to mitigate than past attacks as it can affect "virtually any access to memory" according to the report. Worst of all, researchers reckon that it could theoretically be executed via JavaScript which means physical access to the machine isn't even required. This hasn't been tested as of yet, but it's a big concern for those attempting to keep servers and data centres secure.
It sounds alarming and it sort of is, but it's mostly a threat to those kinds of systems rather than consumer setups. There's also the matter of it being very hard to do, with researchers pointing out that it isn't an imminent threat to the majority of users.
Despite that, it's hardly great news for Intel, which continues to suffer from vulnerability issues that are sure to concern system administrators.
Bitdefender claims it told Intel of the issue last month and explained that current mitigations for the likes of Meltdown, Spectre and MDS aren't enough for this new flaw. It claims that a full fix requires either disabling hyper-threading or purchasing new hardware with in-silicon fixes.
In response, Intel reckons that "LVI is not a practical exploit in real-world environments where the OS and VMM are trusted," due to how complex the hack is, explaining that admins and developers should carefully consider whether they need to patch to mitigate against it at this time. Essentially, Intel is saying not to worry about it.
Regardless of whether it is a major problem or not, it's hardly good PR for a company that has had issues in the past. Then again, it was recently discovered that AMD processors manufactured between 2011 and 2019 are vulnerable to two attacks, suggesting that neither company is as perfect as we could do with them being.
October 14 2021 | 15:04