Intel chips vulnerable to “Reverse-Meltdown” attacks – mitigations carry significant performance hit

If the onslaught of Coronavirus news wasn't enough, there are now some new machine bugs to worry about too. Termed "Load Value Injection" (LVI), this new class of transient-execution attacks exploits microarchitectural flaws in processors, enabling attackers to inject their own data into a victim program. This can ultimately let attackers steal sensitive data and keys from Intel SGX (Software Guard eXtensions), a hardware-isolated enclave used to protect encryption keys, passwords, digital rights management technology and other sensitive data.
This new transient-execution attack is similar to Spectre and Meltdown but goes a step further. Researchers explained that LVI "turns previous data extraction attacks around" and "defeats all existing mitigations."
Calling it a "reverse Meltdown"-type attack, the researchers explained that while Meltdown allowed attackers to read an app's data from a CPU's memory during transient execution, LVI lets attackers inject their own data to gain access to sensitive information.
Unlike Spectre, Meltdown, Foreshadow and similar exploits, LVI doesn't leak data from the victim to the attacker. Instead, it "smuggles" the data by injecting the attacker's data into a victim program and hijacking transient execution to acquire sensitive information. In practice this means the attacker gets the target machine to run malicious code (for example JavaScript served by a malicious site, or an app), which then exploits a side channel to reach content that should be inaccessible.
As with other transient-execution flaws, only mitigations are available for existing hardware, not fixes, because a true fix requires silicon changes. According to the researchers, experimental mitigations produced slowdowns ranging from 2x to 19x depending on the workload. Future hardware changes could avoid this cost, but current systems face a real risk of performance degradation.
"Crucially, LVI is much harder to mitigate than previous attacks, as it can affect virtually any access to memory," researchers wrote. "Unlike all previous Meltdown-type attacks, LVI cannot be transparently mitigated in existing processors and necessitates expensive software patches, which may slow down Intel SGX enclave computations 2 up to 19 times."
Intel has said that the attack is theoretical, but it has still released updates to the SGX Platform Software and SDK to mitigate the issue. Fixes will be deployed in future silicon designs to address the exploit completely.
In a statement released today, Intel said that several requirements have to be met for this exploit to work, and that it doesn't believe LVI is practical in real-world environments. Here is the complete statement:
Researchers have identified a new mechanism referred to as Load Value Injection (LVI). Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe LVI is a practical method in real world environments where the OS and VMM are trusted. New mitigation guidance and tools for LVI are available now and work in conjunction with previously released mitigations to substantively reduce the overall attack surface. We thank the researchers who worked with us, and our industry partners for their contributions on the coordinated disclosure of this issue.
To mitigate the potential exploits of Load Value Injection (LVI) on platforms and applications utilizing Intel SGX, Intel is releasing updates to the SGX Platform Software and SDK starting today. The Intel SGX SDK includes guidance on how to mitigate LVI for Intel SGX application developers. Intel has likewise worked with our industry partners to make application compiler options available and will conduct an SGX TCB Recovery.
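To make the "expensive software patches" the researchers describe and the "compiler options" Intel mentions concrete, here is an added example that is not from the researchers, Intel, or the original article. It is a small C lookup routine of the kind an enclave might run, written once as-is and once hardened the way the LVI software mitigations work: a serialising fence after each load, so that execution cannot proceed on a value that has not yet been architecturally confirmed. The table contents, the function names, the `lvi_fence` helper and the fence counter are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample table standing in for enclave-resident data. */
static const uint8_t table[16] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* Counts fences executed, so the reader can see the extra instructions
 * the mitigation adds to every call (this is why the patches are costly). */
static unsigned long fence_count = 0;

/* Hypothetical helper. On x86, LFENCE does not execute until every prior
 * load has completed, so a value consumed after it is the architectural
 * one rather than a transiently injected one. On other architectures it
 * degrades to a plain compiler barrier so the file still builds. */
static inline void lvi_fence(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("lfence" ::: "memory");
#else
    __asm__ volatile("" ::: "memory");
#endif
    fence_count++;
}

/* Unhardened: the index loaded from *idx_ptr feeds a bounds check and a
 * second, dependent load while the first load may still be unconfirmed.
 * This is the shape of code the LVI mitigations have to patch. */
uint8_t lookup_unhardened(const size_t *idx_ptr)
{
    size_t idx = *idx_ptr;
    if (idx >= sizeof table)
        return 0;
    return table[idx];
}

/* Hardened as the LVI software mitigations do it: a fence right after the
 * load so nothing runs ahead on an unconfirmed value, and another after
 * the bounds check so the dependent access waits for the branch. */
uint8_t lookup_hardened(const size_t *idx_ptr)
{
    size_t idx = *idx_ptr;
    lvi_fence();
    if (idx >= sizeof table)
        return 0;
    lvi_fence();
    return table[idx];
}

/* Runs both versions over a list of indices; returns 1 if every result
 * agrees (the mitigation must not change architectural behaviour) and
 * reports how many fences the hardened path executed. */
int check_agreement(const size_t *indices, size_t n, unsigned long *fences)
{
    unsigned long before = fence_count;
    for (size_t i = 0; i < n; i++)
        if (lookup_unhardened(&indices[i]) != lookup_hardened(&indices[i]))
            return 0;
    if (fences)
        *fences = fence_count - before;
    return 1;
}

int main(void)
{
    size_t idxs[3] = { 0, 15, 16 };   /* two in range, one out of range */
    unsigned long fences = 0;
    int ok = check_agreement(idxs, 3, &fences);
    printf("results agree: %d, fences executed on hardened path: %lu\n",
           ok, fences);
    return ok ? 0 : 1;
}
```

Both functions return identical results; the hardened one simply pays one or two fences per call, and in real code that cost is paid at every load the compiler cannot prove safe, which is how a whole enclave ends up in the 2x to 19x range the researchers quote. Compilers expose this as an option (clang's `-mlvi-hardening`, for instance) so the fences are inserted mechanically rather than by hand as in this example.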
Researchers at Bitdefender believe that this type of attack is "particularly devastating in multi-tenant environments such as enterprise workstations or servers in the data center, where one less-privileged tenant would be able to leak sensitive information from a more privileged user or from a different virtualised environment on top of the hypervisor."
While Intel processors are confirmed impacted, researchers have warned not to rule out AMD and ARM chips. "In principle, any processor that is vulnerable to Meltdown-type data leakage would also be vulnerable to LVI-style data injection," researchers wrote. "Some non-Intel processors have been shown to be affected by some variants of Meltdown and Foreshadow."
Intel, along with some security experts, argues that LVI attacks are impractical, which is why many will probably skip the mitigation updates given the performance hit. However, research like this does push chipmakers to redesign their chips and make them more secure.