Uncategorized

Meltdown and Spectre, the new vulnerabilities in the processors

The National Center for Cybersecurity and Communications Integration (NCCIC) detected a set of security vulnerabilities, known as Meltdown and Spectre, that affect modern computer processors. Exploiting these vulnerabilities could allow an attacker to gain access to confidential information.

Meltdown: this vulnerability is the easiest to exploit and the one that gets the most attention. It mainly affects the Intel chipset and is currently dealing with operating system level reviews of Microsoft, Apple and various Linux distributions. It works by using a method called ‘speculative execution’ to infer values in protected memories. This vulnerability has been assigned CVE-2017-5754.

Spectre: This is a more widespread attack based on concepts similar to Meltdown and affects the Arm and AMD processors in ways that the Meltdown attack cannot. This also means that solutions for Meltdown will not protect against Spectre attacks. Spectre covers two separate attack vectors to which CVE-2017-5715 and CVE-2017-5753 have been assigned.

The CVEs of the vulnerabilities are the following:

CVE ID

CVSSv3 Vectors

CVE-2017-5754

5.6 Medium

CVE-2017-5715

5.6 Medium

CVE-2017-5753

5.6 Medium

 Information about the affected system/product

Brand

Link

Intel

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

Amazon

 https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/

ARM

https://developer.arm.com/support/security-update

AMD

http://www.amd.com/en/corporate/speculative-execution 

Google

https://googleprojectzero.blogspot.com.co/2018/01/reading-privileged-memory-with-side.html

MITRE

 CVE-2017-5715   /     CVE-2017-5753    /     CVE-2017-5754

Red Hat

https://access.redhat.com/security/vulnerabilities/speculativeexecution

SUSE

https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/

CERT

http://www.kb.cert.org/vuls/id/584653

VMWare

 https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

Apple

 https://support.apple.com/en-us/HT208394

 What impact would it have if the vulnerability is exploited?

Taking advantage of this security flaw, an attacker could have access to sensitive information stored in the memory of the processor (passwords, encryption keys, etc).

What to do if we have the vulnerability?

Microsoft recommends updating Windows operating systems, and has also published procedures to help counter and verify these vulnerabilities:

Guide for Windows users: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Guide for Windows servers: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

Source:

https://www.us-cert.gov/ncas/alerts/TA18-004A

https://nvd.nist.gov

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

https://www.welivesecurity.com

https://www.trustwave.com/

Leave a comment

Your email address will not be published. Required fields are marked *