Intel Processors are Proven Vulnerable to LVI attack

Recent news highlighted a major threat to Intel processors as they are proven vulnerable to LVI attack. Intel has suffered from a series of challenges since last year yet it faces another grave issue only this time, the problem may prove to be more severe.

Intel’s processors are at risk due to security vulnerabilities from Load Value Injection (LVI). LVI revolves around a process of exploiting microarchitectural flaws in present processors. It does so by injecting the attacker’s data into a victim program. This steals sensitive data and keys from the system by accessing the SGX (Software Guard Extensions) where valuable information is present on a processor.

The LVI is capable of affecting core families from Intel spanning from the Ivy bridge to the 10th gen Comet Lake processors. LVI is inspired by previous attacks of Meltdown and Spectre. The Meltdown and Spectre attacks were groundbreaking and pointed out crucial flaws in the modern CPU design.

The original attacks impacted worldwide and further lead to researching so-called “transient attacks”. This revealed many other transient attacks which mirrored the same process of CPU data leakage. These attacks included Foreshadow, Zombieload, Fallout, RIDL, and LazyFP.

LVI, however, is a slightly different process where it emphasizes on a reverse-Meltdown. The previous attacks allowed the attackers to read an app’s data from inside a CPU memory in a transient state. LVI, on the other hand, allows a specific code injection directly into the CPU. This further executes the CPU as a transient “temporary” operation which gives the attacker full control. Tests regarding this carried out by two research teams proved successful at the attack’s wide impact.

These kinds of attacks are mostly a threat to multi-tenant environments such as data centers and enterprise workstations. However, LVI solely doesn’t hold a threat due to its data leaking nature. Research teams revealed that this also holds the risk of performance reduction due to potential mitigations. These will directly affect the system performance by 2x to 19x depending on the workload.

Intel provided the following statement regarding LVI:

Researchers have identified a new mechanism referred to as Load Value Injection (LVI). Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe LVI is a practical method in real-world environments where the OS and VMM are trusted. New mitigation guidance and tools for LVI are available now and work in conjunction with previously released mitigations to substantively reduce the overall attack surface. We thank the researchers who worked with us and our industry partners for their contributions on the coordinated disclosure of this issue.

It further added a statement specific to SGX:

To mitigate the potential exploits of Load Value Injection (LVI) on platforms and applications utilizing Intel SGX, Intel is releasing updates to the SGX Platform Software and SDK starting today. The Intel SGX SDK includes guidance on how to mitigate LVI for Intel SGX application developers. Intel has likewise worked with our industry partners to make application compiler options available and will conduct an SGX TCB Recovery. Refer to the Intel SGX Attestation Technical Details for more information.

The global leader in cybersecurity, Bitdefender stated that it discussed the attack with intel on the 10th of February 2020. The company also included that while a fix may prove hard to come by, the only fix, for now, is disabling Hyperthreading or upgrading to new hardware with in-silicon fixes. The only core family that supports in-silicon fixes are the Ice Lake architecture and Atom CPUs.