Researchers develop new side channel attacks on AMD chips
Security researchers behind the Meltdown and Spectre flaws discovered new side channel attacks on AMD processors, but the chipmaker has opted not to patch them.
The steady stream of side channel attacks on microprocessors continued last week, and this time it's AMD chips that are at risk.
Academic researchers published research Friday revealing that two new side channel attacks, dubbed Collide+Probe and Load+Reload, affect AMD chips manufactured between 2011 and 2019, including those that use the company's current Zen microarchitecture. The attacks allow threat actors to access and steal confidential data from the chip's memory.
In their white paper, titled "Take A Way: Exploring the Security Implications of AMD's Cache Way Predictors," the researchers analyzed AMD's way predictor for the L1-data (L1D) cache, which was introduced in 2011; the feature predicts which cache way a specific address will be located in so that the chip's power consumption is reduced. The research team reverse-engineered the L1D cache way predictor and discovered two different side channel attacks, which were disclosed to AMD on Aug. 23.
"With Collide+Probe, an attacker can monitor a victim's memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core," the team wrote. "With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core."
The attacks, which can be conducted remotely and do not require physical access, could be used in a variety of ways to leak or steal data from systems with vulnerable chips, according to the white paper. The researchers demonstrated how they used the attacks to recover an encryption key, create a covert data exfiltration channel, and break address space layout randomization (ASLR) and kernel ASLR implementations, which enables additional attacks on the CPU.
The researchers stressed the chip hardware wasn't leaking data; instead, the L1D cache way predictor allows attackers to infer the access pattern of data and exploit that information for malicious purposes. The new side channel attacks are exclusive to AMD chips, as Intel and ARM do not have a cache way predictor.
The research team includes Moritz Lipp, Vedad Hadžić, Michael Schwarz and Daniel Gruss of Graz University of Technology in Austria; Clémentine Maurice of the French National Centre for Scientific Research and IRISA [Research Institute of Computer Science and Random Systems] in France; and Arthur Perais, an independent security researcher. Lipp, Schwarz and Gruss were part of the Meltdown and Spectre discovery teams and have been researching side channel attacks such as ASLR bypasses since 2016. Maurice was also involved in discovering and researching early side channel attacks such as Rowhammer variant Nethammer.
AMD pushes back on research
While Collide+Probe and Load+Reload pose serious threats to vulnerable systems, several of the researchers said via social media that the side channel attacks are not as severe as Meltdown and Spectre. For example, Gruss said on Twitter that Collide+Probe and Load+Reload impact far less data than Meltdown and ZombieLoad.
In a security advisory posted Saturday, AMD appeared to downplay the new side channel attacks. "We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities," the security advisory stated. "AMD believes these are not new speculation-based attacks."
AMD has not released any microcode patches to mitigate Collide+Probe and Load+Reload and instead recommended customers follow "best practices" such as keeping operating systems, firmware and applications up to date and running antivirus software.
Gruss contested AMD's characterization of the attacks and noted via Twitter that Collide+Probe and Load+Reload are side channel attacks, not "speculative execution attacks."