
Chipmaker AMD is warning of a new set of vulnerabilities affecting a wide range of its processors that could lead to information disclosure.
The flaws, collectively known as Transient Scheduler Attacks (TSA), manifest as a speculative side channel in the CPU that exploits the timing of instruction execution under specific microarchitectural conditions.
“In some cases, an attacker may be able to use this timing information to infer data from other contexts, resulting in information leakage,” AMD said in its advisory.
The company said the issue was uncovered as part of a study published by researchers from Microsoft and ETH Zurich on stress testing the isolation between security domains such as virtual machines, kernels and processes, in order to test modern CPUs against speculative execution attacks like Meltdown and Foreshadow.
Following responsible disclosure in June 2024, the issues have been assigned the following CVE identifiers –
CVE-2024-36350 (CVSS score: 5.6) – A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.
CVE-2024-36357 (CVSS score: 5.6) – A transient execution vulnerability in some AMD processors may allow an attacker to infer data, potentially resulting in the leakage of sensitive information across privileged boundaries.
CVE-2024-36348 (CVSS score: 3.8) – A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers even when the UMIP feature is enabled, potentially resulting in information leakage.
CVE-2024-36349 (CVSS score: 3.8) – A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such reads are disabled, potentially resulting in information leakage.

AMD describes TSA as a “new class of speculative side channels” affecting its CPUs and said it has released microcode updates for the affected processors, which are –
3rd Gen AMD EPYC Processors
4th Gen AMD EPYC Processors
AMD Instinct MI300A
AMD Ryzen 5000 Series Desktop Processors
AMD Ryzen 7000 Series Desktop Processors
AMD Ryzen 8000 Series Processors
AMD Ryzen 6000 Series Processors with Radeon Graphics
AMD Ryzen 7035 Series Processors with Radeon Graphics
AMD Ryzen 5000 Series Processors with Radeon Graphics
AMD Ryzen 7000 Series Processors with Radeon Graphics
AMD Ryzen 7040 Series Processors with Radeon Graphics
AMD EPYC Embedded 7003
AMD EPYC Embedded 8004
AMD EPYC Embedded 9004
AMD EPYC Embedded 97×4
AMD Ryzen Embedded 5000
AMD Ryzen Embedded 7000
AMD Ryzen Embedded V3000
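Since the fix ships as microcode plus a kernel-side mitigation, the practical first step for a defender is to ask the OS what it knows. The following script is an added example, not code from AMD or the researchers; it assumes that recent Linux kernels expose a per-vulnerability status file under /sys/devices/system/cpu/vulnerabilities/ named tsa (an assumption about the kernel, not something stated in the advisory), and the status strings and /proc/cpuinfo text below are constructed samples.

```python
"""Report the kernel's Transient Scheduler Attack (TSA) mitigation status.

Assumption (not from the AMD advisory): recent Linux kernels publish a
one-line status for each known CPU issue under
/sys/devices/system/cpu/vulnerabilities/, with the TSA file named "tsa".
"""
from pathlib import Path

TSA_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/tsa")  # assumed path
CPUINFO = Path("/proc/cpuinfo")


def classify_tsa_status(status: str) -> str:
    """Map the kernel's status line to one of: not-affected, mitigated,
    vulnerable, unknown. Only the leading keyword is matched because the
    trailing detail text differs between kernel versions."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "not-affected"
    if s.startswith("Mitigation:"):
        return "mitigated"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"  # file missing (old kernel) or unrecognised text


def cpuinfo_fields(cpuinfo: str) -> dict:
    """Pull vendor, family, model and microcode revision of the first logical
    CPU out of /proc/cpuinfo-style text; these identify which update applies."""
    wanted = {"vendor_id", "cpu family", "model", "model name", "microcode"}
    fields: dict = {}
    for line in cpuinfo.splitlines():
        key, sep, value = line.partition(":")
        key = key.strip()
        if sep and key in wanted and key not in fields:
            fields[key] = value.strip()
    return fields


def tsa_report(status: str, cpuinfo: str) -> dict:
    """Combine both sources into a small dict suitable for an inventory job."""
    f = cpuinfo_fields(cpuinfo)
    return {"verdict": classify_tsa_status(status),
            "vendor_amd": f.get("vendor_id") == "AuthenticAMD",
            "model_name": f.get("model name"), "microcode": f.get("microcode")}


# Constructed sample inputs, not captured from a real machine.
SAMPLE_STATUS = "Vulnerable: No microcode\n"
SAMPLE_CPUINFO = ("processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 25\n"
                  "model\t\t: 1\nmodel name\t: AMD EPYC (constructed sample)\n"
                  "microcode\t: 0xa001000\n")

if __name__ == "__main__":
    print("sample:", tsa_report(SAMPLE_STATUS, SAMPLE_CPUINFO))
    live = (TSA_SYSFS.read_text() if TSA_SYSFS.exists() else "",
            CPUINFO.read_text() if CPUINFO.exists() else "")
    print("this host:", tsa_report(*live))
```

A "vulnerable" verdict on an AMD host from the list above means the microcode or kernel update has not landed yet; "unknown" usually means the kernel predates the TSA entry and cannot be trusted to report it.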
The company also noted that instructions that read data from memory (loads) can experience what it calls a “false completion.” This occurs when the CPU hardware expects the load to complete quickly, but a condition arises that prevents it from doing so –
In this case, dependent operations may be scheduled to execute before the false completion is detected. Data associated with that load is considered invalid because the load did not actually complete. The load is re-executed to complete successfully later, and the dependent operations re-execute with valid data once it is ready.
Unlike other speculative behaviors such as predictive store forwarding, experiencing a false completion does not result in a pipeline flush. Invalid data associated with a false completion may be forwarded to dependent operations, but the operations that consume this data will not attempt to fetch data or update cache or TLB state. Therefore, this invalid data value cannot be inferred using standard transient side-channel methods.
However, on TSA-affected processors, invalid data can affect the timing of other instructions executed by the CPU in a way that an attacker can detect.
The chipmaker said it has identified two variants of TSA, TSA-L1 and TSA-SQ, depending on whether the source of the invalid data associated with the false completion is the L1 data cache or the CPU store queue.

In the worst-case scenario, a successful attack using the TSA-L1 or TSA-SQ flaws could leak information from the operating system kernel to a user application, from the hypervisor to a guest virtual machine, or between two user applications.
TSA-L1 is caused by an error in how the L1 data cache uses microtags for cache lookups, whereas TSA-SQ arises when a load instruction incorrectly retrieves data from the CPU store queue before that data is available. In either case, an attacker can infer data used by an older store, whether it resides in the L1 cache or the older store executed in a different context.
That said, exploiting these flaws requires an attacker to already have local access to the machine and the ability to execute arbitrary code on it; they are not exploitable through malicious websites.
“The conditions required to exploit TSA are usually temporary, as both the microtag and store queues are updated after the CPU detects an incorrect completion,” AMD said.
“As a result, to extract data, an attacker would typically need to be able to invoke the victim multiple times and repeatedly create the conditions for a false completion. This is possible if the attacker and the victim have an existing communication path, such as an application and the OS kernel.”