Security News > 2020 > June > Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks

Intel CPUs Vulnerable to New 'SGAxe' and 'CrossTalk' Side-Channel Attacks
2020-06-10 05:59

Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments.

The second line of attack, dubbed CrossTalk by researchers from the VU University Amsterdam, enables attacker-controlled code executing on one CPU core to target SGX enclaves running on a completely different core, and determine the enclave's private keys.

SGAxe Attack: Extracting Sensitive Data From SGX Enclaves SGAxe builds on the CacheOut speculative execution attack to steal SGX data.

According to the researchers, while Intel took steps to address side-channel attacks against SGX via several microcode updates and new architectures, the mitigations have proven ineffective.

With Intel CPUs released from 2015 to 2019, counting Xeon E3 and E CPUs, susceptible to the attacks, VU University researchers said it shared with Intel a proof-of-concept demonstrating the leakage of staging buffer content in September 2018, followed by a PoC implementing cross-core RDRAND/RDSEED leakage in July 2019.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/LY6CEh6f1mw/intel-sgaxe-crosstalk-attacks.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Intel 6832 278 786 430 28 1522