New Intel “LVI” Vulnerability Discovered: Mitigations Could Reduce CPU Performance by 19x

There doesn’t seem to be an end in sight for Intel’s ongoing security nightmare.

The researchers who were responsible for discovering the heavily publicized Meltdown and Spectre vulnerabilities have found yet another attack plaguing Intel processors. This one is called Load Value Injection (LVI), and it affects any chip with Intel’s SGX technology. Previous mitigations do nothing against it.

“LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors to inject attacker data into a victim program and steal sensitive data and keys from Intel SGX, a secure vault in Intel processors for your personal data,” wrote researchers on the official LVI site.

“LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations,” they continued. “Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — ‘inject’ — the attacker’s data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.”

In cooperation with Intel, researchers have been testing a proof-of-concept mitigation tool, but the performance hit could be massive: a slowdown of up to 19x. As The Register points out, this penalty stems from extra, more complicated x86 instructions.

“We observe extensive slowdowns of factor 2 to 19 for our prototype evaluation of this countermeasure,” the paper reads. “LVI demands research on more efficient and forward-looking mitigations on both the hardware and software levels.”

The “good” news is that this attack should only affect SGX environments. “Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe LVI is a practical method in real world environments where the OS and VMM are trusted,” said a company spokesperson.

No microcode updates have been planned thus far, but Intel will be making changes to its SGX Platform Software and SDK.

Tsing Mui
News poster at The FPS Review.
