In January 2018, the InfoSec community was rocked by the news of the Meltdown and Spectre vulnerabilities affecting entire generations of Intel processors. On May 14, 2019, academics announced that they had discovered a new side-channel attack affecting Intel processors. The attack utilizes a set of vulnerabilities that can allow attackers to retrieve data being processed inside a CPU. The flaw has been termed Zombieload and is fundamentally similar to the Meltdown, Spectre, and Foreshadow side-channel attacks that preceded it.
As with the other three, the Zombieload flaw is exploited by abusing the speculative execution process. Speculative execution is an optimization technique in which a processor performs work that may not turn out to be needed. The work is done before it is known whether it is actually required, so as to avoid the delay that would be incurred by waiting until that is known. If it turns out the work was not needed after all, most changes made by the work are reverted and the results are discarded. The academics who discovered the flaw published their findings in a paper titled “ZombieLoad: Cross-Privilege-Boundary Data Sampling”; prior to publishing, they spent more than a year punching holes through the various components of the speculative execution process. What they discovered was an attack method that allowed data to be leaked from the target CPU’s buffers and data processing operations.
The findings of the academic team have been confirmed by Bitdefender, which likewise published a whitepaper informing customers and the community at large of the flaw and how it can be exploited. The academics have called the attack method a Microarchitectural Data Sampling (MDS) attack, as it targets a CPU's microarchitectural data structures, such as the load, store, and line fill buffers, which the CPU uses for fast reads and writes of data being processed inside the CPU.
These are smaller caches used alongside the main CPU cache. When properly exploited, an MDS attack can infer data being processed in the CPU by other apps, to which an attacker should not normally have access. According to the published paper, the academics discovered four vulnerabilities that could be exploited by MDS attacks. In summary, these vulnerabilities target store buffers (CVE-2018-12126), load buffers (CVE-2018-12127), line fill buffers (CVE-2018-12130), and uncacheable memory (CVE-2019-11091).
Zombieload: the Good and the Bad
Unlike with the Spectre and Meltdown vulnerabilities, Intel has not been caught by surprise. According to a press release issued by the processor manufacturer, the newer 8th and 9th generation products are already protected against such an attack; this also includes the 2nd Generation Intel® Xeon® Scalable processor family, and updates have already been released to mitigate the affected products, which are listed here. Further, the hardware giant stated:
“First identified by Intel’s internal researchers and partners, and independently reported to Intel by external researchers, MDS is a sub-class of previously disclosed speculative execution side channel vulnerabilities and is comprised of four related techniques. Under certain conditions, MDS provides a program the potential means to read data that program otherwise would not be able to see. MDS techniques are based on a sampling of data leaked from small structures within the CPU using a locally executed speculative execution side channel. Practical exploitation of MDS is a very complex undertaking. MDS does not, by itself, provide an attacker with a way to choose the data that is leaked.”
Despite Intel’s readiness in combating the new threat, there are some important downsides of Zombieload to consider. According to the academic paper, processors manufactured since 2011, other than the ones listed by Intel above, are vulnerable. Processors in desktops, laptops, and cloud servers are all impacted, researchers said on a special website they have set up with information about the Zombieload flaws. In one proof-of-concept case, the academics published a video in which they performed a Zombieload attack to monitor the websites a user was visiting in a privacy-protecting Tor Browser running inside a virtual machine. This effectively means that if malware is developed to exploit the Zombieload flaw, it can break all privacy protections that exist between apps, similar to how both Meltdown and Spectre broke those lines, but via other vulnerabilities in the speculative execution process.
There are significant hurdles to exploiting Zombieload in the wild, which forms part of the good news, along with Intel’s readiness to combat the flaw if it is exploited by a malicious attacker. Intel pointed out that exploiting this vulnerability, as with other side-channel attacks, outside of a laboratory is extremely complex, and when one considers the myriad other tried and tested methods available to hackers, this further reduces the likelihood of it being used in the wild to any major extent. There are other practical considerations regarding exploiting the flaw. The first is that the structures exploited are much smaller than the first level data cache (L1D), and therefore hold less data and are overwritten more frequently. Second, it is also more difficult to use MDS attacks to infer data associated with a specific memory address, which may require the malicious actor to collect significant amounts of data to analyze in order to locate any secret data. Third, only recently accessed data can be leaked by an MDS attack, and simply turning off a processor’s hyperthreading function prevents the flaw from being exploited.
Intel advises that all new updates are installed to mitigate the threat. It further advises:
“Once these updates are applied, it may be appropriate for some customers to consider additional steps. This includes customers who cannot guarantee that trusted software is running on their system(s) and are using Simultaneous Multi-Threading (SMT). In these cases, customers should consider how they utilize SMT for their particular workload(s), guidance from their OS and VMM software providers, and the security threat model for their particular environment. Because these factors will vary considerably by customer, Intel is not recommending that Intel® HT be disabled, and it’s important to understand that doing so does not alone provide protection against MDS.”
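As an added example, not part of the article or of Intel's own guidance, here is a POSIX shell check that reads the Linux kernel's MDS status report and classifies whether the microcode update, the kernel's buffer-clearing mitigation, and the SMT consideration raised in the two Intel statements above are in place. It assumes the sysfs file /sys/devices/system/cpu/vulnerabilities/mds, which kernels carrying the MDS mitigations expose; the status strings in the test and comments are constructed samples in the kernel's documented format.

```shell
#!/bin/sh
# Added example (not from the article): classify a Linux host's ZombieLoad/MDS
# mitigation state from the kernel's sysfs report. Assumed file:
#   /sys/devices/system/cpu/vulnerabilities/mds
# Constructed sample contents: "Mitigation: Clear CPU buffers; SMT vulnerable"

# mds_verdict STATUS_STRING -> prints one token:
#   not-affected            CPU is not in the affected list
#   mitigated               microcode + kernel buffer clearing in place, SMT off or mitigated
#   mitigated-smt-exposed   buffer clearing in place, but sibling threads still share the buffers
#   mitigated-host-unknown  guest kernel cannot see whether the hypervisor host has SMT on
#   microcode-missing       kernel attempts buffer clearing but the CPU lacks the microcode
#   vulnerable              no mitigation at all
mds_verdict() {
    case "$1" in
        "Not affected")                  echo not-affected ;;
        *"no microcode"*)                echo microcode-missing ;;
        "Mitigation: Clear CPU buffers"*)
            case "$1" in
                *"SMT vulnerable"*)         echo mitigated-smt-exposed ;;
                *"SMT Host state unknown"*) echo mitigated-host-unknown ;;
                *)                          echo mitigated ;;
            esac ;;
        Vulnerable*)                     echo vulnerable ;;
        *)                               echo unknown ;;
    esac
}

# mds_exit_code VERDICT -> 0 when nothing further is needed, 1 when SMT use must be
# reviewed against the workload's threat model (Intel's advice above), 2 when updates are missing.
mds_exit_code() {
    case "$1" in
        not-affected|mitigated)                       return 0 ;;
        mitigated-smt-exposed|mitigated-host-unknown) return 1 ;;
        *)                                            return 2 ;;
    esac
}

# Live check of this host: prints the verdict and returns the exit code above.
mds_check_host() {
    f=/sys/devices/system/cpu/vulnerabilities/mds
    [ -r "$f" ] || { echo unknown; return 2; }   # kernel predates MDS reporting
    v=$(mds_verdict "$(cat "$f")")
    echo "$v"
    mds_exit_code "$v"
}
```

Run `mds_check_host` on each host in an inventory and treat exit code 1 as the case Intel describes: updates applied, but SMT still needs a per-workload decision.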