Free Link Directory

Home Page Education & Science LVI: Hijacking Transient Execution with Load Value Injection
Title
LVI: Hijacking Transient Execution with Load Value Injection
Go Home
Click
URL
www.lviattack.eu
Category
Education & Science
Description
Email
[email protected]
Address
Phone Number
+1 609-831-2326 (US) | Message me
Site Icon
LVI: Hijacking Transient Execution with Load Value Injection
Tags
Transient,Execution,LVI,Hijacking,
More From This Site
Desarrollo Web y App en Galicia | GalvintecSolvIT Journal - Elektronisk journalsystemLVI-tarvikkeet, teollisuuden putkituotteetSource Trail : Solving programming and code problems for programmersAllview Germany - Lebe. Träume. Experimentiere.
Page Views
0
Share
Update Time
2022-05-09 18:07:59

"I love LVI: Hijacking Transient Execution with Load Value Injection"

www.lviattack.eu VS www.gqak.com

2022-05-09 18:07:59

LVI LVI Demos About Researcher FAQ LVI - Hijacking Transient Execution with Load Value Injection LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors to inject attacker data into a victim program and steal sensitive data and keys from Intel SGX, a secure vault in Intel processors for your personal data. LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.Crucially, LVI is much harder to mitigate than previous attacks, as it can affect virtually any access to memory. Unlike all previous Meltdown-type attacks, LVI cannot be transparently mitigated in existing processors and necessitates expensive software patches, which may slow down Intel SGX enclave computations 2 up to 19 times. Read Cite BibTeX Entry × @inproceedings{vanbulck2020lvi, title = {{LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection}}, author = {Van Bulck, Jo and Moghimi, Daniel and Schwarz, Michael and Lipp, Moritz and Minkin, Marina and Genkin, Daniel and Yuval, Yarom and Sunar, Berk and Gruss, Daniel and Piessens, Frank}, booktitle = {41th IEEE Symposium on Security and Privacy (S\&P'20)}, year = {2020},} Close The last square. Unifying the transient-execution attack landscape. In 2018, Spectre (top right) turned around relatively harmless branch-prediction side-channel leakages (top left) that were known for decades. By injecting speculative wrong branch decisions into other programs, Spectre makes the underlying problem much more relevant and harder to solve. At the same time, a perpendicular and dangerous class of Meltdown-type attacks (bottom left), including Foreshadow, ZombieLoad, RIDL, and Fallout, demonstrated cross-privilege level data extraction from various hidden processor buffers. LVI (lower right) is the next step: we, for the first time, combine Spectre-style code gadgets in the victim application with Meltdown-type illegal data flow from faulting or assisted memory load instructions to bypass existing defenses and inject attacker-controlled data into a victim's transient execution. LVI in 4 simple steps Poison a hidden processor buffer with attacker values. Induce a faulting or assisted load in the victim program. The attacker's value is transiently injected into code gadgets following the faulting load in the victim program. Side channels may leave secret-dependent traces, before the processor detects the mistake and rolls back all operations. Who is behind LVI? LVI was first discovered and reported by Jo Van Bulck (imec-DistriNet, KU Leuven) on April 4, 2019. The following researchers were involved in the academic paper: Jo Van Bulck (imec-DistriNet, KU Leuven) Daniel Moghimi (Worcester Polytechnic Institute) Michael Schwarz (Graz University of Technology) Moritz Lipp (Graz University of Technology) Marina Minkin (University of Michigan) Daniel Genkin (University of Michigan) Yuval Yarom (University of Adelaide and Data61) Berk Sunar (Worcester Polytechnic Institute) Daniel Gruss (Graz University of Technology) Frank Piessens (imec-DistriNet, KU Leuven) Researchers at Bitdefender independently discovered LVI-LFB and provided Intel with a PoC showing LVI-LFB in a cross-process hyperthreading scenario during the embargo period in February 2020 Andrei Lutas (Bitdefender) Dan Lutas (Bitdefender) Questions & Answers Am I affected by this bug? We believe that LVI is principally relevant as an attack by a malicious compromised operating system or hypervisor targeting Intel SGX enclaves. As such, in our current assessment, you should consider LVI and install updates if you are using a recent processor equipped with Intel SGX technology (see "What is Intel SGX" below).Intel provides a list with all affected products here. SGX is supported on certain Core-family processors from Skylake onwards. The most recent Icelake Core-family processors appear unaffected by LVI. We found that some other recent, acclaimed Meltdown-resistant recent Core-family processors are only potentially vulnerable to LVI-zero-data (aka loads exhibiting zero injection behavior only). Among Atom processors, only older Silvermont/Airmont (without SGX support) are potentially affected. What is the impact of LVI? LVI bypasses all existing mitigations against transient-execution attacks, such as Meltdown, Spectre, Foreshadow, ZombieLoad, RIDL, and Fallout. We show that LVI is especially relevant in the context of Intel SGX, where LVI may arbitrarily hijack transient execution in a victim enclave and ultimately leak arbitrary secrets, breaking confidentiality guarantees in the Intel SGX ecosystem (see "What is Intel SGX" below).LVI unifies the transient-execution research landscape by applying gadget-driven techniques from the Spectre world to reversely exploit prior Meltdown-type data leakages. LVI furthermore marks the end of transparently patching Meltdown-type processor vulnerabilities in CPU microcode, as LVI necessitates expensive software updates to serialize the processor pipeline and disable speculation after potentially every load operation. What is Intel SGX? Intel Software Guard eXtensions (SGX) is an innovative processor technology released in 2015 to create isolated environments in the computer's memory, so-called enclaves. SGX acts like a secure vault in the processor itself, combining strong encryption and hardware-level isolation to safeguard enclave programs, and the data they operate on, even against very advanced types of malware that compromise the operating system, hypervisor, or firmware (BIOS). Does LVI affect traditional application and virtual machine isolation? In our current assessment, we believe that LVI is mainly only relevant to Intel SGX enclaves. However, in the academic paper we showed that none of the ingredients for LVI are unique to Intel SGX and LVI attacks can in principle apply to non-SGX traditional cross-process, cross-virtual-machine, or user-to-kernel environments. We did not succeed in finding any practical LVI gadgets that can be realistically exploited, however, and only explored such non-SGX attacks in synthetic scenarios where we inserted our own LVI gadgets. Hence, we consider non-SGX LVI attacks of mainly academic interest and we agree with Intel's current assessment to not deploy extra mitigations for non-SGX environments, but we encourage future research to further investigate LVI in non-SGX settings (e.g., cross-process and sandboxed environments). What about other processor vendors (ARM, AMD, etc.)? In our current assessment, LVI principally applies only to Intel processors with SGX technology. However, following the argument of symmetry, in in principle any processor that is vulnerable to Meltdown-type data leakage, would also be vulnerable to LVI-style data injection. Some non-Intel processors have been shown to be affected by some variants of Meltdown and Foreshadow. We maintain an up-to-date overview on the website https://transient.fail/ (select Meltdown + vendor ARM or AMD). If an attacker finds software that uses these features in an exploitable way, LVI might still be possible. We encourage future research to investigate the applicability of LVI to non-Intel CPUs. Why is it called LVI? LVI is short for Load Value Injection. Simplified, it turns Meltdown-type attacks around to inject data into an application instead of leaking data. Under certain circumstances, an attacker can inject arbitrary data, replacing the value an application loads from memory. The application uses this value for a short period of time until detecting the mistake, and rolling back all operations. However, in this short period, an attacker can arbitrarily hijack the control and data flow. What are transient-execution attacks? For a systematic overview of all known attacks to date, we refer to https://transient.fail/. Are these software bugs? No, these are vulnerabilities in the processor. While software workarounds exist, the root cause for LVI cannot be eradicated in software. However, new CPUs will contain hardware fixes. What mitigations are available for LVI? Future CPUs will contain silicon fixes to mitigate LVI directly in hardware. At least for SGX enclaves a short-term solution is needed to mitigate LVI on current, widely deployed systems. In contrast to previous Meltdown-type attacks, processor microcode updates to flush affected buffers are no longer sufficient. Instead, complementary to existing Spectre software mitigations, LVI necessitates compiler patches to insert explicit lfence speculation barriers which serialize the processor pipeline after potentially every vulnerable load instruction. Additionally and even worse, due to implicit loads, certain instructions have to be blacklisted, including the ubiquitous x86 ret instruction.Intel is releasing an update for the Intel SGX SDK to assist SGX application providers in updating their enclave code. For other guidance, please review Intel’s white paper here. For more information on trusted computing base recovery in the Intel SGX ecosystem, see here. What is the expected performance impact of the mitigations? Depending on the application and optimization strategy, we observe extensive overheads of factor 2 to 19 for prototype implementations of the full mitigation. However, we expect that real-world performance overheads for Intel SGX will depend on the specific use case. We refer to our technical paper and the graphs below for a more detailed performance evaluation on SPEC and OpenSSL. How many LVI attack variants are out there? In the academic paper, we propose an unambiguous naming scheme to reason about and distinguish LVI variants, following the extended transient-execution attack classification tree at https://transient.fail/. Particularly, in a first level, we distinguish the fault or assist type triggering the transient execution, and at a second level we specify the microarchitectural buffer which is used as the injection source. We show the resulting two-level LVI classification tree below (red leaves are demonstrated attacks, green leaves are already mitigated by existing defenses). Note that, much like in the perpendicular Spectre class of attacks, not all CPUs from all vendors might be susceptible to all of these variants. Can I detect if someone has used LVI against me? We do not have any data on this. The exploitation might not leave any traces in traditional log files. Is there more technical information about LVI? Yes, there is an academic research paper that can be downloaded here and will be presented at the 41th IEEE Symposium on Security and Privacy (IEEE S&P'20) in May 2020. What is CVE-2020-0551? CVE-2020-0551 is the official reference to LVI. CVE is the Standard for Information Security Vulnerability Names maintained by MITRE. Can I use the logo? The logo is free to use, rights waived via CC0. Logo designed by Natascha Eibl.SVGPNGLogo Is there proof-of-concept code? For educational purposes, we released elementary example LVI attack applications as part of the open-source SGX-Step enclave side-channel attack framework available on GitHub. The examples focus only on demonstrating injection of dummy attacker data from various microarchitectural buffers and illustrating LVI-based transient control flow hijacking in a victim enclave. Acknowledgements We would like to thank Intel for working with us during the responsible disclosure.This research is partially funded by the Research Fund KU Leuven, and by the Agency for Innovation and Entrepreneurship (Flanders). Jo Van Bulck is supported by a grant of the Research Foundation -- Flanders (FWO).Daniel Moghimi was supported by the National Science Foundation under grants no. CNS-1814406.This work was supported in part by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No 681402).This work has been supported by the Austrian Research Promotion Agency (FFG) via the K-project DeSSnet, which is funded in the context of COMET – Competence Centers for Excellent Technologies by BMVIT, BMWFW, Styria and Carinthia.The Graz University of Technology team would also like to thank Intel, ARM and AMD for providing a generous gift prior to the start of this research project, funding part of this research.It was also supported in part by an Australian Research Council Discovery Early Career Researcher Award (project number DE200101577) and by the Defense Advanced Research Projects Agency (DARPA) under contract FA8750-19-C-0531. 2020 · All Rights Reserved.