Intel 'Sunny Cove' SGX Vulnerability Discovered

edzieba

Some important features of this bug:
  • Only affects SGX enclaves (i.e. a nonissue for desktops and laptops)
  • Can only be exploited if you already have root permissions (i.e. for any desktop/laptop and most servers, you're already PWNed pretty hard before this is even an option)
  • Not possible from inside a VM, requires direct access to physical memory (why root is required)
  • Only Sunny Cove cores are affected, other chips with other SGX versions (or that do not have SGX available) are not affected. In practice, this means Ice Lake SP is the only affected platform that is likely to even be using SGX enclaves.
  • Using x2APIC rather than the legacy xAPIC mode eliminates the vulnerability with no performance impact

tl;dr: Are you running an Ice Lake SP server, using SGX enclaves, and using xAPIC rather than x2APIC, and an adversary has root access outside of a VM? If so, you are vulnerable and need to switch to using x2APIC. If not, then you're fine.
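The tl;dr above is a four-condition decision rule; the POSIX shell script below (an added example, not from the thread or from Intel) turns it into a host check. It assumes Linux, that Ice Lake SP reports CPUID family 6 model 106, that the in-kernel SGX driver exposes /dev/sgx_enclave, and that msr-tools' rdmsr is available as root for reading IA32_APIC_BASE; the "adversary has root" condition is a threat-model question the script cannot probe and is left to the operator.

```shell
#!/bin/sh
# Added example: evaluates the thread's tl;dr conditions on a Linux host.
# Assumptions: Ice Lake SP = CPUID family 6 model 106 (Linux ICELAKE_X);
# the in-kernel SGX driver (5.11+) exposes /dev/sgx_enclave; rdmsr from
# msr-tools is available and run as root with the msr module loaded.

# Pure decision function (hardware-free, so it can be tested): returns 0
# when switching to x2APIC is needed, 1 when nothing needs doing.
assess_exposure() {
    family=$1; model=$2; sgx_in_use=$3; apic_mode=$4
    if [ "$family" != "6" ] || [ "$model" != "106" ]; then
        echo "unaffected: not an Ice Lake SP part (family $family, model $model)"
        return 1
    fi
    if [ "$sgx_in_use" != "yes" ]; then
        echo "unaffected: SGX not enabled/used on this host"
        return 1
    fi
    if [ "$apic_mode" = "x2apic" ]; then
        echo "mitigated: already running in x2APIC mode"
        return 1
    fi
    echo "ACTION: Ice Lake SP with SGX in use and APIC mode '$apic_mode'; enable x2APIC"
    return 0
}

# Collect the facts from the running host and feed them to the rule.
probe_host() {
    family=$(awk -F: '/^cpu family/ {gsub(/[[:space:]]/, "", $2); print $2; exit}' /proc/cpuinfo)
    model=$(awk -F: '/^model[[:space:]]*:/ {gsub(/[[:space:]]/, "", $2); print $2; exit}' /proc/cpuinfo)
    sgx=no
    grep -qw sgx /proc/cpuinfo && [ -e /dev/sgx_enclave ] && sgx=yes
    apic=unknown
    if command -v rdmsr >/dev/null 2>&1; then
        # IA32_APIC_BASE (MSR 0x1B) bit 10 (EXTD) is set when x2APIC mode is on.
        extd=$(rdmsr -f 10:10 0x1b 2>/dev/null)
        case "$extd" in 1) apic=x2apic ;; 0) apic=xapic ;; esac
    fi
    if [ "$apic" = unknown ] && dmesg 2>/dev/null | grep -qi 'x2apic enabled'; then
        apic=x2apic
    fi
    assess_exposure "$family" "$model" "$sgx" "$apic"
}

# Only probe when invoked with --probe, so sourcing the file has no side effects.
if [ "${1:-}" = "--probe" ]; then probe_host; fi
```

Run it as `sh check.sh --probe` on the host in question; an "unknown" APIC mode means the MSR could not be read and the mode should be confirmed from firmware settings or the kernel log.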

rluker5

Meanwhile, as a footnote: "The vulnerability affects all of AMD's existing Ryzen processors featuring Zen 1/2/3 microarchitectures. To exploit the weakness and get access to data processed by the same CPU core, perpetrators need to run malicious code on that CPU core first, which is not particularly easy."
AMD gets what seems to be a worse problem than the one Intel had when the old "disable hyperthreading" Foreshadow bug came out. That one is long fixed, but this new AMD one presents every bit as consequential a risk (really pretty close to negligible, but Intel's was more so).

And the only fix is to disable SMT, but AMD just recommends you ignore the bug and do best practices because security exploits are hard to do.