Intel Issues Security Advisory on L1 Speculative Execution Attack Method
Intel, Microsoft and Red Hat issued security advisories on Tuesday for yet another speculative execution side-channel attack method, this time going by the "L1 Terminal Fault" (L1TF) name.
L1TF is also known as "Foreshadow" by the researchers who discovered it. The researchers notified Intel of the problem on Jan. 3, 2018, which coincidentally was when Intel and other industry players had first disclosed the speculative execution side-channel attack methods known as "Meltdown" and "Spectre." Speculative execution is normally used to improve processor speeds in processors by guessing the next steps to take, but researchers found it also could be exploited in information disclosure-types of attacks.
Only Intel Processors Affected
The L1TF attack methods potentially can affect Intel Core and Intel Xeon processors only. However, attackers need to have access to a system or they need to be able to run code on a machine for the attacks to be carried out. Fixing the vulnerability requires applying both firmware and operating system updates, which are expected to have few performance degradations for most users. The big exception, though, is that some enterprises that run virtualization security solutions could face significant system slowdowns.
AMD claimed its processors weren't affected by the L1TF attack methods, according to a statement sent by a spokesperson:
As in the case with Meltdown, we believe our processors are not susceptible to the new speculative execution attack variants called Foreshadow or Foreshadow-NG due to our hardware paging architecture protections. We are advising customers running AMD EPYC™ processors in their data centers, including in virtualized environments, to not implement Foreshadow-related software mitigations for their AMD platforms.
Specifically, the attack methods can be used to defeat Intel's Software Guard Extensions (SGX) protections in Intel processors. Here's how the Foreshadow researchers described the issue:
While it was previously believed that SGX is resilient to speculative execution attacks (such as Meltdown and Spectre), Foreshadow demonstrates how speculative execution can be exploited for reading the contents of SGX-protected memory as well as extracting the machine's private attestation key. Making things worse, due to SGX's privacy features, an attestation report cannot be linked to the identity of its signer. Thus, it only takes a single compromised SGX machine to erode trust in the entire SGX ecosystem.
In other words, organizations would be unlikely to detect that an L1TF attack had taken place.
Intel researchers subsequently found a so-called "next-generation" attack scenario that exposes information in the processor's L1 memory cache. This next-generation attack can tap "information belonging to the System Management Mode (SMM), the operating system's kernel, or hypervisor," the Foreshadow researchers explained. It's this latter scenario that potentially exposes virtual machines in multitenant "cloud computing" scenarios to information disclosure threats, they added.
There are no active exploits known as yet for the L1TF attack methods. The vulnerabilities have already been assigned common vulnerability and exposures (CVE) identification numbers, namely:
- CVE-2018-3615 "for attacking SGX"
- CVE-2018-3620 "for attacking the OS Kernel and SMM mode"
- CVE-2018-3646 "for attacking virtual machines"
Apply Firmware and OS Updates
Intel, in its overview document, suggested that its previously released firmware updates, in combination with updates released by OS makers, add protections against L1TF attacks for most users:
The microcode updates released earlier this year when coupled with operating system and hypervisor software available from our industry partners, ensure consumers, IT professionals and cloud service providers have access to the protections they need. Intel recommends people keep their systems up to date to protect against the evolving threat landscape.
Intel found that these updates will have "no meaningful performance" effects for most PC users. However, there can be rather large performance hits for datacenters using virtualized guest operating systems after applying the fixes, according to Intel's overview document.
Microsoft concurred with Intel's conclusions and suggested in its security advisory that organizations using Hyper-V and virtualization-based security with older Windows Server systems may have to disable Intel's Hyper-Threading capability, which will degrade system performance:
For most consumer devices, we have not observed a noticeable performance impact after applying the updates. Customers that use Virtualization Based Security (VBS) or versions of Hyper-V prior to Windows Server 2016 may need to disable Hyper-Threading to fully address the risk from L1 Terminal Fault (L1TF), resulting in performance degradation. Performance impact will vary by hardware and the workloads running on the system.
Microsoft is claiming that its "HyperClear" technology in Hyper-V, as used in Microsoft Azure, Windows Server 2016 and later Windows Server products, is a "comprehensive mitigation to this attack." The use of HyperClear also has a "relatively negligible performance impact," Microsoft indicated, in a virtualization team post.
These protections against L1TF attack methods were added with Microsoft's August security updates, released on Aug. 14, for both Windows 10 and Windows Server 2016, according to another Microsoft blog post.
In addition to Microsoft, Linux OS vendor Red Hat offered its analysis of L1TF and the steps to take. Red Hat offered an "it depends" opinion on what enterprises using virtualization should do, adding that Red Hat and other industry players aren't disabling Intel's Hyper-Threading technology by default:
The precise impact of L1TF to Hyper-Threading depends upon the specific use case and the virtualization environment being used. In some cases, it may be possible for public cloud vendors (who have often built special purpose hardware to assist in isolation) to take steps to render Hyper-Threading safe. In other cases, such as in a traditional enterprise environment featuring untrusted guest virtual machines, it may be necessary to disable Intel Hyper-Threading. Since this varies from one use case to another, and from one environment to another, Red Hat and our peers are not disabling Intel Hyper-Threading by default. Customers should instead consult our Knowledge Base article and make the appropriate determination for their own situation.
Red Hat indicated it is shipping OS updates "that include a new interface through which customers can disable Hyper-Threading at boot time."
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.