A group of researchers has developed a new side-channel attack that targets all AMD processors. AMD says, however, that no additional mitigations or fixes are necessary because the techniques do not directly disclose information in a threatening way.
A malicious application running on a system can use the new side-channel attack to exploit the CPU flaws.
The attack measures the timing and power consumption of prefetch instructions.
According to the researchers, the prefetch instruction on AMD discloses far more information than previous prefetch attacks on Intel processors did.
An attacker can use the technique to extract sensitive data, such as passwords and encryption keys, from memory belonging to other applications.
Real Time Scenarios
The researchers have identified a number of attack scenarios that could result in sensitive data being leaked from the operating system.
They claim to have discovered the first-ever microarchitectural Kernel Address Space Layout Randomization (KASLR) break on AMD CPUs, which could allow attackers to gain access to users' laptops, desktop PCs, and even cloud-deployed virtual machines (VMs).
The researchers also established a covert channel for monitoring kernel activity, such as audio playback over Bluetooth.
In another scenario, they demonstrated the extraction of sensitive data using simple Spectre gadgets in the Linux kernel.
Vendor’s Reaction
AMD was notified of the findings in mid- to late 2020, and the vendor responded in February of this year.
The exploited vulnerabilities have been assigned the identifier CVE-2021-26318 and rated medium severity by AMD.
Although the flaw affects all of AMD's processors, the company has not presented any mitigation measures, because, according to its statement, the techniques "do not directly leak data across address space boundaries."
Mitigation
Although this attack approach is not particularly threatening, it demonstrates that hardware, too, is vulnerable to unforeseen bugs and weaknesses. The researchers have presented mitigation recommendations that include page table isolation, FLARE, prefetch configuration MSRs, and restricting access, in addition to keeping devices up to date with the latest OS patches.
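As an added, defender-side example (not part of the original article and not the researchers' code), the following Python script audits a Linux host for two of the mitigations listed above: whether kernel page table isolation (KPTI) is active, and whether the energy counter that a power side channel would read is restricted to root. The article does not say what "restricting access" refers to; this script assumes the power-measurement interface, since the attack uses power consumption. The meltdown sysfs entry, /proc/cmdline and the pti=on boot parameter are mainline Linux interfaces; the powercap path used for the energy counter is an assumption about the host's driver, and all sample inputs are constructed.

```python
"""Audit a Linux host for KPTI state and energy-counter permissions.

Added example: the sysfs/procfs layout is mainline Linux; the powercap
path is an assumption about the reader's driver, and the SAMPLE_* inputs
are constructed rather than captured from a real machine.
"""
import re
import stat
from pathlib import Path

MELTDOWN_STATUS = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")
KERNEL_CMDLINE = Path("/proc/cmdline")
# Energy counter exposed through the powercap framework. The device name is an
# assumption; adjust it to whatever the host's RAPL driver registers.
ENERGY_COUNTER = Path("/sys/class/powercap/intel-rapl:0/energy_uj")


def kpti_enabled(meltdown_status: str, cmdline: str) -> bool:
    """Return True if kernel page table isolation is active.

    The meltdown sysfs entry reports "Mitigation: PTI" only on CPUs the kernel
    marks as Meltdown-affected. On AMD it reads "Not affected" even when PTI was
    forced on with pti=on, so the boot command line is checked as well.
    """
    if meltdown_status.strip().startswith("Mitigation: PTI"):
        return True
    return re.search(r"(?:^|\s)pti=on(?:\s|$)", cmdline.strip()) is not None


def energy_counter_world_readable(mode: int) -> bool:
    """Return True if group or other may read the counter (the weak setting).

    Restricting the file to root (mode 0400) is the corrected setting.
    """
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def audit(meltdown_status: str, cmdline: str, energy_mode) -> dict:
    """Combine the two checks into a findings dictionary."""
    findings = {}
    if kpti_enabled(meltdown_status, cmdline):
        findings["kpti"] = "enabled"
    else:
        findings["kpti"] = "disabled (consider booting with pti=on)"
    if energy_mode is None:
        findings["energy_counter"] = "not present"
    elif energy_counter_world_readable(energy_mode):
        findings["energy_counter"] = "world-readable (restrict to root)"
    else:
        findings["energy_counter"] = "restricted"
    return findings


def audit_live() -> dict:
    """Run the audit against the running host; absent files read as empty."""
    def read(path: Path) -> str:
        return path.read_text() if path.exists() else ""
    mode = None
    if ENERGY_COUNTER.exists():
        mode = stat.S_IMODE(ENERGY_COUNTER.stat().st_mode)
    return audit(read(MELTDOWN_STATUS), read(KERNEL_CMDLINE), mode)


# Constructed sample: an AMD host with defaults (no PTI, counter readable by all).
SAMPLE_DEFAULT = {
    "meltdown_status": "Not affected\n",
    "cmdline": "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet\n",
    "energy_mode": 0o444,
}
# Constructed sample: the same host after forcing PTI and restricting the counter.
SAMPLE_HARDENED = {
    "meltdown_status": "Not affected\n",
    "cmdline": "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet pti=on\n",
    "energy_mode": 0o400,
}

if __name__ == "__main__":
    print("default :", audit(**SAMPLE_DEFAULT))
    print("hardened:", audit(**SAMPLE_HARDENED))
    print("live    :", audit_live())
```

The command-line check matters because the kernel's meltdown entry never reports PTI on AMD: the kernel only prints "Mitigation: PTI" for CPUs it flags as Meltdown-affected, so a host that was hardened with pti=on would otherwise look unmitigated to a naive sysfs scan.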