Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

2020-06-10 05:59

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments.

The second line of attack, dubbed CrossTalk by researchers from the VU University Amsterdam, enables attacker-controlled code executing on one CPU core to target SGX enclaves running on a completely different core, and determine the enclave's private keys.

SGAxe Attack: Extracting Sensitive Data From SGX Enclaves SGAxe builds on the CacheOut speculative execution attack to steal SGX data.

According to the researchers, while Intel took steps to address side-channel attacks against SGX via several microcode updates and new architectures, the mitigations have proven ineffective.

With Intel CPUs released from 2015 to 2019, counting Xeon E3 and E CPUs, susceptible to the attacks, VU University researchers said it shared with Intel a proof-of-concept demonstrating the leakage of staging buffer content in September 2018, followed by a PoC implementing cross-core RDRAND/RDSEED leakage in July 2019.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/LY6CEh6f1mw/intel-sgaxe-crosstalk-attacks.html

#attack #CPU #intel #sidechannel

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Intel		6314	31	755	708	45	1539

News URL

Related news

Related vendor