I used to write bi-weekly blog posts in a series called Glenn’s Tech Insights. Since I’m not doing that any longer, I will continue to write about HW news on a regular basis here.
Intel: Load Value Injection Vulnerability
Intel has been hit with a new CPU security issue called Load Value Injection (LVI). LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors. In this case, the exploit can inject attacker data into a victim program and steal sensitive data and keys from Intel SGX.
The biggest impact of this newly announced vulnerability is that it apparently can only be mitigated with software fixes that insert lfence barriers before every vulnerable load instruction, which is very expensive in performance terms. This will probably have a very significant negative effect on performance.
Here are some good posts that go into more detail about this exploit:
- Load Value Injection: A New Intel Attack Bypasses SGX with Significant Performance Mitigation Concerns
- LVI Attack Hits Intel SGX – Defeats Existing Mitigations, More Performance Hits
- Deep Dive: Load Value Injection
AMD: Take A Way Attacks
A new paper released by the Graz University of Technology covers two new “Take A Way” attacks, called Collide+Probe and Load+Reload. These can leak data from AMD processors by manipulating the L1D cache predictor. The researchers claim that this vulnerability impacts all AMD processors made from 2011 to 2019, meaning that the current Zen microarchitecture is also at risk. This means Zen mobile, desktop and server CPUs would all be affected.
AMD has updated their AMD Product Security page to respond to this disclosure. This is their statement:
"We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks." (https://www.amd.com/en/corporate/product-security)
The researchers contend that this vulnerability is still an issue even on fully patched systems. This is one of the better articles that goes into more detail about this.
The Intel LVI exploit will probably cause some very significant performance regressions as it is addressed in software.
As AMD processors become more popular, they are sure to draw more attention from both academic researchers and actual bad actors. AMD’s Zen architecture seems to be basically more secure than Intel’s current Cascade Lake architecture. Unfortunately, AMD has fewer internal resources compared to Intel for things like testing, validation, and software development. This is something AMD will have to work on over time as they get bigger.
From a SQL Server perspective, I think most SQL Server instances, databases, and applications have more basic security issues to worry about first, such as SQL injection, applications with sa rights, and unpatched operating systems and SQL Server builds. It is still important to monitor these new CPU vulnerabilities though, and then take corrective action where you can.
If you find this sort of content interesting, please let me know in the comments. Thanks for reading!