Major Intel CPU flaws let attackers steal sensitive data

Intel Tiger Lake
(Image credit: Intel)

Intel processors are vulnerable to another set of major security threats, security experts at two research teams disclosed earlier this week. The exploits go after Intel's Software Guard eXtensions (SGX), a set of instructions designed to protect important apps and data.

The chipmaker created SGX to keep sensitive data, like passwords, guarded within blocks of secured memory called enclaves. Anything stored within an enclave is encrypted until it leaves the processor and goes to RAM before being decrypted when it returns. 

There are two newly discovered attacks capable of breaking into the SGX-secured region of a processor: SGAxe and CrossTalk. They do this using side-channel attacks, which Ars Technica notes is "a class of hacks that infers sensitive data by measuring timing differences, power consumption, electromagnetic radiation, sound, or other information from the systems that store it." 

These types of attacks are similar to the devastating Meltdown and Spectre attacks that crippled hundreds of thousands of systems that rely on Intel CPUs. Intel said it released fixes and patches for some of the flaws but other issues remain.

SGAxe and Crosstalk vulnerabilities 

One of two vulnerabilities discovered in Intel processors, SGAxe can steal legitimate SGX keys from an enclave and pose as a system to gain access to sensitive information. This could have a devastating effect if the malicous system can convince a server that it is a genuine Intel CPU. 

"With the machine’s production attestation keys compromised, any secrets provided by [the] server are immediately readable by the client’s untrusted host application while all outputs allegedly produced by enclaves running on the client cannot be trusted for correctness," wrote the researchers at the University of Michigan and the University of Adelaide in Australia who discovered the flaw. 

SGAxe is a variant of a vulnerability discovered by the same team in January. Intel patched its chips with a temporary fix, only for the attack, called CacheOut, to bypass it. When SGAxe works alongside CacheOut, the duo can decrypt and extract sensitive data stored in memory.

Fortunately, the SGAxe flaw has not been seen in the wild. Intel has been alerted of the issue and promised to release a microcode update soon. In the meantime, the chipmaker published a lengthy list of processors affected by SGAxe. 

The other flaw, CrossTalk, was discovered by researchers at Vrije University in Amsterdam and ETH Zurich. It lets malicious code on one CPU core leak sensitive data from software running on a different core. A so-called MDS attack, CrossTalk targets data while it's in a transient state and being processed by the CPU.

"The cryptographically-secure RDRAND and RDSEEN instructions turn out to leak their output to attackers via this buffer on many Intel CPUs, and we have demonstrated that this is a realistic attack," the researchers wrote. "We have also seen that, yet again, it is almost trivial to apply these attacks to break code running in Intel’s secure SGX enclaves."

They continued, "Worse, mitigations against existing transient execution attacks are largely ineffective. The majority of current mitigations rely on spatial isolation on boundaries which are no longer applicable due to the cross-core nature of these attacks."

The CrossTalk attack was disclosed to Intel 21 months ago, in September 2018, but the complexity of the issue has held back efforts to release a patch. Researchers tested CPUs from 2015 to 2019 and found that a majority of processors were at risk, including Xeon chips. 

Intel released firmware updates earlier this week to mitigate the problem. It says it hasn't found evidence of CrossTalk being used in the wild. 

Phillip Tracy

Phillip Tracy is the assistant managing editor at Laptop Mag where he reviews laptops, phones and other gadgets while covering the latest industry news. After graduating with a journalism degree from the University of Texas at Austin, Phillip became a tech reporter at the Daily Dot. There, he wrote reviews for a range of gadgets and covered everything from social media trends to cybersecurity. Prior to that, he wrote for RCR Wireless News covering 5G and IoT. When he's not tinkering with devices, you can find Phillip playing video games, reading, traveling or watching soccer.