CATEGORIES
home News

Son Of Spectre: Intel Discloses Foreshadow Exploit Of Secure Enclave In Skylake And Kaby Lake CPUs

by Brandon HillTuesday, August 14, 2018, 08:42 PM EDT
foreshadow
If you thought Spectre and Meltdown were bad, there are new exploits that have the potential to seriously compromise modern Intel processors. The latest class of exploits are called Foreshadow, and were was disclosed today by Intel via a blog post.

The exploit involves Intel's Software Guard Extensions, which is better known as SGX. SGX is supposed to serve as a secure enclave within memory on the processor to ward off malicious entities accessing private data. SGX has in the past been able to help mitigate Meltdown and Spectre attacks, but Foreshadow has the ability to access the SGX-protected L1 data cache.

Intel describes the attack vector for Foreshadow, writing, "Accessing a logical or linear address that is not mapped to a physical location on the hardware will result in a terminal fault. Once the fault is triggered, there is a gap before resolution where the processor will use speculative execution to try to load data."

When a processor uses speculative execution, a side-channel attack method -- i.e. Foreshadow -- could follow digital bread crumbs to map what paths are taken and find other weaknesses that could lead to compromising data. There's just a brief moment of opportunity where a Foreshadow attack could actually compromise a system, and it's an attack vector that is extremely hard to pull off in the real world. However, if successful, it could give an attacker access to highly sensitive data and system privileges that should otherwise be off limits. We highly recommend watching the video above for a breakdown on how this attack works.

In addition to the mainline Foreshadow exploit, there is also Foreshadow-NG which can affect Virtual Machine Monitors, Hypervisors, System Management Mode and OS kernel memory. Foreshadow SGX attack has a Common Vulnerability Scoring System (CVSS) rating of 7.9, which is designated as severe. The SMM and VMM variants both have CVSS base scores of 7.1.

Researchers from KU Leuven University, Technion – Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 are credited with alerting Intel to these vulnerabilities and working to help mitigate them. All Skylake and Kaby Lake processors are vulnerable to the Foreshadow attacks, and Intel says that it is working to ensure that it is has provided mitigation solutions in the form of both microcode updates and software patches for existing processors.

It should also be pointed out that Intel's future Xeon Scalable processors (Cascade Lake) are fortified against Foreshadow and other side-channel attacks at the hardware level. Cascade Lake-based Xeons will be shipping in late 2018.

Tags:  Intel, spectre, (NASDAQ:INTC), foreshadow
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment