AMD CPUs are Targeted by New Side-Channel Attack

A group of researchers has developed a new side-channel attack that targets all AMD processors. AMD says, however, that no additional mitigations or solutions are necessary because the attacks do not directly disclose information in a threatening way.

The new side-channel attack lets malicious applications installed on a system take advantage of CPU flaws.

The attack exploits variations in the execution time and power consumption of prefetch instructions.

The prefetch instruction on AMD, according to the researchers, discloses much more information than previous prefetch attacks on Intel.

A hacker can use the technique to extract sensitive data, such as passwords and encryption keys, from memory associated with other applications.

Real Time Scenarios
The researchers have identified a number of attack scenarios that could result in sensitive data being leaked from the operating system.

They claimed to have discovered the first-ever microarchitectural Kernel Address Space Layout Randomization (KASLR) break on AMD CPUs, which might allow hackers to get access to users’ laptops, desktop PCs, and even cloud-deployed Virtual Machines (VMs).

The researchers then established a covert channel for monitoring kernel activity, such as audio being played over Bluetooth.

They also demonstrated the extraction of sensitive data using simple Spectre gadgets in the Linux kernel in another scenario.

Vendor’s Reaction
AMD was notified about the findings in mid- to late 2020, and the vendor responded in February of this year.

The exploited vulnerabilities have been given the CVE identifier CVE-2021-26318 and a medium severity rating by AMD.

Although the flaw affects all of AMD’s processors, the company has not presented any mitigation measures. According to AMD, this is because the aforementioned strategies “do not directly leak data across address space boundaries.”

Mitigation
Although this attack approach is not particularly threatening, it demonstrates that hardware is also vulnerable to unforeseen bugs or weaknesses. In addition to keeping devices up to date with the latest OS patches, the researchers recommend mitigations that include page table isolation, FLARE, prefetch configuration MSRs, and restricting access.
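
As an added example (not from the researchers or AMD), the shell function below checks whether page table isolation, one of the recommended mitigations, is active on a Linux host. It assumes the standard Linux interfaces /proc/cpuinfo, /proc/cmdline and /sys/devices/system/cpu/vulnerabilities/meltdown; the function names and sample strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify kernel page table isolation (PTI) state on Linux.
# Usage: pti_state CPUINFO_FLAGS KERNEL_CMDLINE MELTDOWN_SYSFS_TEXT
# Prints one of: enabled | disabled-by-cmdline | not-enabled

pti_state() {
    flags=$1; cmdline=$2; meltdown=$3
    # The kernel adds a "pti" CPU flag when PTI is active. On CPUs it does not
    # consider affected by Meltdown, the sysfs file reads "Not affected" even
    # when PTI is forced on, so the flag is checked first.
    case " $flags " in
        *" pti "*) echo enabled; return 0 ;;
    esac
    # Boot parameters that switch PTI off explicitly.
    case " $cmdline " in
        *" nopti "*|*" pti=off "*|*" mitigations=off "*)
            echo disabled-by-cmdline; return 0 ;;
    esac
    # Fallback for environments where the flags line is unavailable.
    case "$meltdown" in
        *"Mitigation: PTI"*) echo enabled; return 0 ;;
    esac
    echo not-enabled
}

# Reads the live system; run this on the host being audited.
pti_state_live() {
    pti_state "$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null)" \
              "$(cat /proc/cmdline 2>/dev/null)" \
              "$(cat /sys/devices/system/cpu/vulnerabilities/meltdown 2>/dev/null)"
}

# Constructed sample inputs (not captured from a real machine).
SAMPLE_FLAGS="flags : fpu vme sse2 svm ibpb"
SAMPLE_CMDLINE="BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet"

# Default boot: PTI was never switched on.
pti_state "$SAMPLE_FLAGS" "$SAMPLE_CMDLINE" "Not affected"
# Booted with pti=on: the kernel sets the pti flag.
pti_state "$SAMPLE_FLAGS pti" "$SAMPLE_CMDLINE pti=on" "Not affected"
```

A not-enabled result is the Linux default on AMD hosts, because the kernel only turns PTI on automatically for CPUs it treats as affected by Meltdown; the pti=on boot parameter forces it on.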
