Zombieload 2.0, a new attack method that only affects Intel processors


Researchers at the Graz University of Technology (Austria) have revealed information about a new attack method, Zombieload 2.0 (CVE-2019-11135), which allows the extraction of confidential information from other processes, the operating system, virtual machines and secure enclaves (TEE, Trusted Execution Environment). The problem only affects Intel processors. The components to block the problem were provided in yesterday's microcode update.

The problem belongs to the MDS (Microarchitectural Data Sampling) class and is a modernized version of the ZombieLoad attack disclosed in May. Zombieload 2.0, like other attacks of the MDS class, is based on applying side-channel analysis methods to data in microarchitectural structures (for example, the Line Fill Buffer and Store Buffer, in which data used by a process is temporarily held while load and store operations are performed).

This new Zombieload variant relies on a leak that occurs during operation of the TSX Asynchronous Abort (TAA) mechanism in the TSX extension (Transactional Synchronization Extensions). TSX provides a means of working with transactional memory, which increases the performance of multithreaded applications by dynamically eliminating unnecessary synchronization operations (atomic transactions are supported, which can either be committed or aborted).

When a transaction is aborted, the operations performed on the transactional memory region are rolled back. The abort is carried out asynchronously, and during that time other threads can access the cache, which is also used by the discarded transactional memory region.

Between the start and the actual completion of an asynchronous transaction abort, situations may occur in which the processor, while speculatively executing an operation, reads data from internal microarchitectural buffers and passes it to the speculatively executed operation.

The conflict is then detected and the speculative operation is discarded, but the data remains in the cache and can be extracted using side-channel cache recovery techniques.

The attack boils down to opening TSX transactions and creating conditions for their asynchronous abort, during which conditions arise for leaking the contents of internal buffers that are speculatively filled with data from memory read operations performed on the same CPU core.

The leak is limited to the current physical CPU core (the one on which the attacker's code is running), but since microarchitectural buffers are shared between threads in Hyper-Threading mode, memory operations performed on other threads of the CPU may leak.

Some Intel models on which the attack has been tested belong to the eighth, ninth and tenth generations of Intel Core and Pentium processors, as well as Intel Celeron 5000, Intel Xeon E, Intel Xeon W and the second generation of Intel Xeon Scalable processors.

This includes new Intel processors based on the Cascade Lake microarchitecture introduced in April, which was initially not susceptible to the RIDL and Fallout attacks.

In addition to Zombieload 2.0, the researchers also found that it is possible to circumvent the previously proposed protections against MDS attacks, which are based on using the VERW instruction to clear the contents of the microarchitectural buffers when returning from the kernel to user space or when transferring control to a guest system.

Fixes to block the vulnerability have been merged into the Linux kernel code base and are included in versions 5.3.11, 4.19.84, 4.14.154, 4.9.201 and 4.4.201. Kernel and microcode updates have also been released for the main distributions (Debian, SUSE / openSUSE, Ubuntu, RHEL, Fedora, FreeBSD). The problem was identified in April, and the fix was coordinated by Intel with the operating system developers.

The simplest method to block Zombieload 2.0 is to disable TSX support on the CPU. The Linux kernel solution includes several security options.
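
To check whether a Linux host has the fix and whether TSX is still exposed, the following script is an added example, not part of the original article. It assumes the kernel's `tsx_async_abort` sysfs entry and its status-string format as described in the upstream kernel documentation; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report whether this Linux host is mitigated against
# Zombieload 2.0 / TAA (CVE-2019-11135). Function names are illustrative.

# Status file exposed by kernels that carry the fix (upstream kernel docs).
TAA_SYSFS=/sys/devices/system/cpu/vulnerabilities/tsx_async_abort

# classify_taa STATUS -> ok | partial | vulnerable | unknown
classify_taa() {
    case "$1" in
        "Not affected"*)                  echo ok ;;
        # Buffers are cleared, but a sibling hyperthread can still sample them.
        "Mitigation:"*"SMT vulnerable"*)  echo partial ;;
        "Mitigation:"*)                   echo ok ;;
        "Vulnerable"*)                    echo vulnerable ;;
        # Empty string: file missing, i.e. the kernel predates the fix.
        *)                                echo unknown ;;
    esac
}

# tsx_exposed FLAGS_LINE -> exit 0 if the CPU advertises TSX (the "rtm" flag)
tsx_exposed() {
    case " $1 " in
        *" rtm "*) return 0 ;;
        *)         return 1 ;;
    esac
}

# Read the live values from this host and print a one-line summary.
report_taa() {
    status=""
    [ -r "$TAA_SYSFS" ] && status=$(cat "$TAA_SYSFS")
    flags=$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null || true)
    if tsx_exposed "$flags"; then tsx=yes; else tsx=no; fi
    printf 'status="%s" verdict=%s tsx_exposed=%s\n' \
        "${status:-not reported}" "$(classify_taa "$status")" "$tsx"
}

report_taa
```

A `partial` verdict corresponds to the Hyper-Threading caveat described earlier; the kernel boot parameters `tsx=off` and `tsx_async_abort=full,nosmt` are the upstream switches for disabling TSX and for also disabling SMT on affected CPUs.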
