SHARE

foreshadow flaw

When the Spectre and Meltdown security flaws in Intel chips were disclosed earlier this year, security researchers called it a loophole so big that it’ll keep leaking for some considerable time in the future as well. Over the course of following months, that prediction turned out to be true and we are still witnessing similar vulnerabilities.

The latest addition to this list has been called Foreshadow by the group of researchers who uncovered this attack. These scholars belong to 5 different universities from all around the world.

Just like the original attacks, Foreshadow is a speculative execution attack that lets the attacker grab the sensitive information stored in PCs powered by Intel CPUs. Specifically, it has two versions. Let’s tell you about them in brief:

Foreshadow:

The original Foreshadow attack affects Intel’s Software Guard Extension (SXG). It’s a feature in modern chips that protects the data even if the complete system is compromised. While Spectre and Meltdown reportedly didn’t affect SGX, Foreshadow can bypass the defenses. Intel has called it “L1 Terminal Fault.”

Foreshadow – Next Generation (NG):

Foreshadow-NG consists of two more related attacks that Intel came across while looking into L1 Terminal Fault. Going one step further, Foreshadow-NG can be exploited to access the information in L1 cache, which in turn puts the information stored in OS kernel, System Management Mode (SMM) memory, and hypervisor at risk. It can also be exploited to access information kept in cloud-based VMs.

The CVE numbers assigned to the flaws are CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646–you can refer them as well for more information.

To read more about these flaws, you can read Intel’s security advisory. Intel has also listed the Intel chips which are affected by these flaws.

SHARE
Adarsh Verma
Fossbytes co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email — [email protected]