Academics and private sector researchers have revealed details today about three new vulnerabilities affecting Intel CPUs.
All three are Spectre-class attacks that take advantage of a CPU design feature named speculative execution, a feature found in all modern CPUs that improves performance by computing operations in advance and later discarding unneeded data.
These flaws target data processed during speculative execution that is stored inside a processor's L1 cache, the fastest memory in a computer and closest to the processor, also shared by CPU cores.
The three issues are referred to as L1 Terminal Fault (or L1TF) by the general tech industry, but they were initially named "Foreshadow" and "Foreshadow-NG" by the researchers who discovered them.
They are as follows:
Alternative names include:
According to the research team behind the L1TF/Foreshadow flaws, only Intel CPUs are affected. Researchers contacted Intel earlier this year and worked with the company, OS makers, and cloud hosting providers to prepare mitigations and updates.
"L1 Terminal Fault is addressed by microcode updates released earlier this year, coupled with corresponding updates to operating system and hypervisor software that are available starting today," an Intel spokesperson told Bleeping Computer via email today.
"We’ve provided more information on our website and continue to encourage everyone to keep their systems up to date, as it's one of the best ways to stay protected," the spokesperson added. "We’d like to extend our thanks to the researchers at imec-DistriNet, KU Leuven, Technion - Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 and our industry partners for their collaboration in helping us identify and address this issue."
The research team, Intel, and Red Hat have each published YouTube videos explaining how the L1TF/Foreshadow vulnerabilities work under the hood.
A video also shows the research team using the Foreshadow attack to retrieve data from a secure Intel SGX enclave.
According to Intel, applying Intel microcode updates and OS patches for CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646 should mitigate L1TF/Foreshadow attacks in full.
Intel also said that, unlike the case of Spectre, where updates took a big bite out of the performance of Intel CPUs, "there has been no meaningful performance impact observed as a result of [L1TF] mitigations applied."
Microsoft, Oracle, and Red Hat have also published blog posts about the L1TF/Foreshadow flaws, along with information about patches. Fixes have also arrived in Cisco products, the Linux kernel and via the Microsoft August 2018 Patch Tuesday. Security guidance pages have also been published by the three main cloud computing providers: Amazon Web Services, Google Cloud, and Microsoft Azure.
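On Linux, kernels that carry the L1TF fixes report the mitigation state in `/sys/devices/system/cpu/vulnerabilities/l1tf`. The script below is an added example, not code from the article, Intel or the researchers; it classifies that status line so a fleet check can flag hosts that still need patches or a review of their virtualization settings. The status strings follow the mainline kernel's format, and the verdict labels are this example's own.

```shell
#!/bin/sh
# Classify the L1TF status line that a patched Linux kernel exposes in sysfs.
L1TF_SYSFS=/sys/devices/system/cpu/vulnerabilities/l1tf

# Split one status line into host / VMX (L1D flush on VM entry) / SMT fields.
classify_l1tf() {
    status=$1
    host=unknown vmx=n/a smt=n/a
    case $status in
        "Not affected"*)              host=not-affected ;;
        "Vulnerable"*)                host=vulnerable ;;
        "Mitigation: PTE Inversion"*) host=mitigated ;;
    esac
    case $status in
        *"VMX: vulnerable"*)                vmx=vulnerable ;;
        *"VMX: conditional cache flushes"*) vmx=conditional-flush ;;
        *"VMX: cache flushes"*)             vmx=always-flush ;;
        *"VMX: EPT disabled"*)              vmx=ept-disabled ;;
        *"VMX: flush not necessary"*)       vmx=flush-not-needed ;;
    esac
    case $status in
        *"SMT vulnerable"*) smt=enabled ;;
        *"SMT disabled"*)   smt=disabled ;;
    esac
    echo "host=$host vmx=$vmx smt=$smt"
}

# Reduce the fields to one label (labels are this example's own, not the kernel's).
l1tf_verdict() {
    fields=$(classify_l1tf "$1")
    case $fields in
        host=not-affected*)           echo ok ;;
        host=vulnerable*)             echo patch-needed ;;
        host=mitigated*vmx=vulnerable*|host=mitigated*smt=enabled*)
                                      echo review-virtualization ;;
        host=mitigated*)              echo ok ;;
        *)                            echo unknown ;;
    esac
}

# Live check when the sysfs entry exists; otherwise say so.
if [ -r "$L1TF_SYSFS" ]; then
    line=$(cat "$L1TF_SYSFS")
    echo "live: $line -> $(l1tf_verdict "$line")"
else
    echo "$L1TF_SYSFS not present (kernel without L1TF reporting, or not Linux)"
fi

# Constructed sample line, so the script shows a result on any machine.
sample='Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable'
echo "sample: $(classify_l1tf "$sample") -> $(l1tf_verdict "$sample")"
```

A `review-virtualization` result matters only on hosts that run guests they do not fully trust; the kernel line itself does not say whether a microcode update is loaded.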
The team behind the research has also created a dedicated website to explain the impact of the L1TF/Foreshadow vulnerabilities.