EVGA

CacheOut is the Latest Speculative Execution Attack for Intel Processors

Author
rjohnson11
EVGA Forum Moderator
  • Total Posts : 77865
  • Reward points : 0
  • Joined: 2004/10/05 12:44:35
  • Location: Europe
  • Status: online
  • Ribbons : 71
2020/01/27 23:20:45 (permalink)
https://www.techpowerup.com/263355/cacheout-is-the-latest-speculative-execution-attack-for-intel-processors
 
Another day, another speculative execution vulnerability found inside Intel processors. This time we are getting a new vulnerability called "CacheOut", named after the exploitation's ability to leak data stored inside CPU's cache memory. Dubbed CVE-2020-0549: "L1D Eviction Sampling (L1Des) Leakage" in the CVE identifier system, it is rated with a CVSS score of 6.5. Despite Intel patching a lot of similar exploits present on their CPUs, the CacheOut attack still managed to happen.

The CacheOut steals the data from the CPU's L1 cache, and it is doing it selectively. Instead of waiting for the data to become available, the exploit can choose which data it wants to leak. The "benefit" of this exploit is that it can violate almost every hardware-based security domain meaning that the kernel, co-resident VMs, and SGX (Software Guard Extensions) enclaves are in trouble. To mitigate this issue, Intel provided a microcode update to address the shortcomings of the architecture and they recommended possible mitigations to all OS providers, so you will be protected once your OS maker releases a new update. For a full list of processors affected, you can see this list.
 
Hopefully Intel can patch this vulnerability. 
 
For more info read the paper here:
 
https://cacheoutattack.com/
 
 

Specs: AMD Ryzen 9 3950X,  Corsair MP600 M.2, 64GB Corsair RGB Dominator,  ASUS Crosshair VIII Hero,  Corsair 1000D, EVGA RTX 2070 FTW 3

Associate Code: H5U80QBH6BH0AXF



#1

6 Replies Related Threads

    Cool GTX
    EVGA Forum Moderator
    • Total Posts : 23316
    • Reward points : 0
    • Joined: 2010/12/12 14:22:25
    • Location: Folding for the Greater Good
    • Status: offline
    • Ribbons : 117
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 08:59:18 (permalink)
    Another example of "bad guys" understanding how something is supposed to work ... and developing a way to play with the existing structure.
     
    Could keeping such code off of machines be the easier answer ?
    Will anti-malware detect this type of attack ?
     
    it is like playing wack-a-mole
     

    RTX Project EVGA X99 FTWK-5930K@4.8GHz 2xEVGA2080Ti EVGA-1200P2  Nibbler EVGA X99 Classified-5960X@4.5GHz 3-GPU Water Loop 1600P2 
    AIO Folding  X99 2x1080Ti FTW3 Hybrid, 1200P
    Thank You for Your Support


    #2
    aka_STEVE_b
    EGC Admin
    • Total Posts : 14242
    • Reward points : 0
    • Joined: 2006/02/26 06:45:46
    • Location: Wouldn't you like to know....
    • Status: offline
    • Ribbons : 43
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 10:15:59 (permalink)
    Another month , another exploit......  

    AMD RYZEN 9 3900X  12-core cpu~ Gigabyte X570 Aorus Elite board ~ EVGA RTX 2080 SUPER XC2 ULTRA OC~ G.SKILL Trident Z NEO 16 GB DDR4 3600 ~ Phanteks Eclipse P400s red case ~ EVGA SuperNOVA 1000 G+ PSU ~ Intel 660p M.2 drive~ Crucial MX300 275 Gig SSD ~ CORSAIR H80i v2 cooler ~ CORSAIR M65 elite mouse ~ CORSAIR K68 RGB Mechanical Keyboard~ HGST 4TB Hd.~ AOC AGON 31.5" Gaming monitor 2560 X 1440 (144Hz) ~ Win 10 x64 
    ................ GET UP TO A 10% DISCOUNT ON PURCHASES BY CLICKING ....VVVVVVVVV.........
     
    #3
    bill1024
    CLASSIFIED ULTRA Member
    • Total Posts : 7965
    • Reward points : 0
    • Joined: 2008/10/18 01:01:10
    • Status: offline
    • Ribbons : 48
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 11:53:51 (permalink)
    meh, if they can see what is in the cache of a CPU, is it not already too late?
    If they can see that, why not just see whats on the hard drive, they are in that deep to the cache, can't see anything else?

     Life is too short to carry a cheap pocket knife

     U25ITA93JV   
     
    #4
    ty_ger07
    Insert Custom Title Here
    • Total Posts : 16226
    • Reward points : 0
    • Joined: 2008/04/10 23:48:15
    • Location: traveler
    • Status: offline
    • Ribbons : 162
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 12:21:10 (permalink)
    bill1024
    meh, if they can see what is in the cache of a CPU, is it not already too late?
    If they can see that, why not just see whats on the hard drive, they are in that deep to the cache, can't see anything else?

    There is session-based data in the CPU cache which you may not find elsewhere. For example, cryptographic keys and session-based variables. It is never "too late" if you are looking for specific unique information. As a program operates, it doesn't just do the same thing every time. An operating program doesn't match the executable on the hard drive. Unique information is constantly generated. If every program matched what is on the hard drive, every program would simply be a multimedia experience where you would be powerless to do anything unique or interesting. [sarcasm] Today I sat down and watched Excel do the same thing again for the 9000th time. ... Or... I watched Outlook type the same email again. It was exciting.[/sarcasm] Cached information is often the most important and valuable sensitive user information. It lives within a security wall which is expected to be safe. It is accessed repeatedly and needs fast read and write times; therefore it is usually free of any cryptographic security or hashing of any type. It's only when it leaves that assumed secure walled garden that the program and/or operating system takes security measures. If you can get at that information by other means, it can be very valuable and damaging information.
    post edited by ty_ger07 - 2020/01/28 14:44:46
    #5
    Sajin
    EVGA Forum Moderator
    • Total Posts : 41661
    • Reward points : 0
    • Joined: 2010/06/07 21:11:51
    • Location: Texas, USA.
    • Status: online
    • Ribbons : 197
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 12:34:03 (permalink)
    Glad I don't have to worry about these exploits anymore since I'm running an AMD cpu now.

    Want to save 5 to 10% on your next EVGA purchase? Just click on the associates banner to save, or enter the associates code at checkout on your next purchase. If you choose to use my code I want to personally say "Thank You" for using it.
     

     
    #6
    GTXJackBauer
    Omnipotent Enthusiast
    • Total Posts : 8296
    • Reward points : 0
    • Joined: 2010/04/19 22:23:25
    • Location: (EVGA Discount) Associate Code : LMD3DNZM9LGK8GJ
    • Status: offline
    • Ribbons : 43
    Re: CacheOut is the Latest Speculative Execution Attack for Intel Processors 2020/01/28 12:58:30 (permalink)
    Sajin
    Glad I don't have to worry about these exploits anymore since I'm running an AMD cpu now.






    Use this Associate Code at your checkouts to get 5%-10% discounts on all your EVGA purchases:
    LMD3DNZM9LGK8GJ
    *Thanks for your support!*
    Use this Rewards Code below when registering your EVGA products. 
    (Invoice needs to be uploaded.)
    #7
    Jump to:
  • Back to Mobile