Security researchers have discovered a fundamental vulnerability in the architecture of Intel processors. This allows attackers to steal sensitive data. But there is also good news. Plus: There is also a gap in AMD CPUs.
Enlarge
ÆPIC Leak: Researchers discover serious vulnerability in Intel processors.
© aepiclean.com/Theresa Dachauer
Security researchers, including from the universities of Rome and Graz, have discovered a serious security hole in Intel processors of the 10th, 11th and 12th generation, which they have dubbed the “ÆPIC Leak”. An error in the processor architecture allows foreign data to be read, specifically: Attackers can read outdated data that was accessed by the processor and that was previously in its memory. This could also give attackers access to passwords or cryptographic keys, as the researchers explain in this interview.
Enlarge
All Sunny Cove-based CPUs are affected by the vulnerability.
© aepicleak.com/aepicleak.pdf
According to the researchers, this should be the first hardware-based vulnerability that can reveal data through an error in the CPU architecture. The eponymous APIC (Advanced Programmable Interrupt Controller) designates an integrated CPU component that is responsible for accepting, prioritizing and forwarding interrupts to processors. In contrast to the well-known Meltdown vulnerability, which is a somewhat more cumbersome “side-channel attack”, ÆPIC Leak (CVE-2022-21233) directly exploits a bug in the CPU that leaks data where it shouldn’t be .
Here you can find all information about ÆPIC Leak
The security experts have published all the information about ÆPIC Leak in compressed form here; Interested parties can read a detailed analysis in this PDF.
Prerequisites for exploiting the gap
In order to be able to exploit the vulnerability, the attacker must first have administrator rights on the computer and also have physical access to it. The APIC MMIO can only be accessed with admin rights. So most systems should be safe from ÆPIC Leak. Another requirement: Only systems that rely on SGX (Software Guard Extensions; a security-related extension of the x86 architecture; SGX is intended to prevent foreign processes from accessing the protected memory area) are at risk in order to protect data from privileged attackers protection.
ÆPIC Leak shouldn’t be a problem for most users. The usual applications and virtual machines should not be affected by this vulnerability, as the researchers believe. Server operators are more likely to be affected, especially operators of cloud services.
However, users obviously have no way of detecting the exploitation of the vulnerability.
Intel is already closing the gap
According to the researchers, Intel has released microcode and SGX SDK updates to at least mitigate the problem. The researchers reported their discovery to Intel some time ago. The vulnerability has probably not yet been exploited by hackers.
And AMD? SQUIP!
The researchers have also discovered a vulnerability in AMD processors, christened SQUIP. This is a kind of side channel attack like Specter.
