Many processors made by Intel are vulnerable to a new type of attack named Load Value Injection.



The vulnerability, tracked as CVE-2020-0551, was first reported to Intel in April 2019 by Jo Van Bulck from the KU Leuven research university in Belgium.

After, the flaw was analyzed by a team from universities in the United States, Austria and Australia, including some of the researchers who first discovered the Meltdown and Spectre vulnerabilities.

The research team released a paper [1] and a basic PoC [2]

The vulnerability

https://www.youtube.com/watch?v=goy8XRXFlh4

The LVI attack, described as a reverse Meltdown-type attack, allows malicious software installed on a device to leak sensitive secrets stored in SGX secure enclaves and, at least in theory, from privileged processes across security boundaries such as kernel space, virtual machines and hypervisors.
However, according to research, remote exploitation of the vulnerability over the internet or the network is not possible.

The university researchers have also demonstrated that LVI attacks can be launched against Intel’s Software Guard Extensions (SGX), which allows developers to isolate application code and data in memory by leveraging hardware encryption.

LVI turns previous data extraction attacks around, like MeltdownForeshadowZombieLoadRIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.

Crucially, LVI is much harder to mitigate than previous attacks, as it can affect virtually any access to memory. Unlike all previous Meltdown-type attacks, LVI cannot be transparently mitigated in existing processors and necessitates expensive software patches, which may slow down Intel SGX enclave computations 2 up to 19 times.

Further, a variation of the LVI attack, dubbed Load Value Injection in the Line Fill Buffers (LVI-LFB), was reported to Intel by researchers at Bitdefender [3], that also released a PoC [4].

This is a new attack which takes advantage of performance-centric functionality of modern Intel CPUs. LVI-LFB further breaks-down barriers between trust levels by demonstrating another methodology of attack in this highly advanced field of research.

Intel's response

Intel says that the attack works against its Xeon, Core and Atom processors.
The company also noted that an attack is not easy to carry out in real world scenarios, but it still released updates [6] and mitigation advice to address the risks posed by LVI [7]:

Due to the numerous, complex requirements that must be satisfied to implement the LVI method successfully, LVI is not a practical exploit in real-world environments where the OS and VMM are trusted. Because of the Intel® Software Guard Extensions (Intel® SGX) strong adversary model, attacks on Intel SGX enclaves loosen some of these requirements. Notably, the strong adversary model of Intel SGX assumes that the OS or VMM may be malicious, and therefore the adversary may manipulate the victim enclave's page tables to cause arbitrary enclave loads to fault or assist. Where the OS and VMM are not malicious, LVI attacks are significantly more difficult to perform, even against Intel SGX enclaves.

References

  1. LVI - Hijacking Transient Execution with Load Value Injection
  2. https://github.com/jovanbulck/sgx-step/tree/master/app/lvi
  3. Bitdefender Researchers Discover New Side-Channel Attack
  4. https://github.com/bitdefender/lvi-lfb-attack-poc
  5. Load Value Injection / CVE-2020-0551 / INTEL-SA-00334
  6. INTEL-SA-00334
  7. An Optimized Mitigation Approach for Load Value Injection