Google Project Zero today released information about vulnerabilities that affect all major processors, including AMD, ARM, and Intel. Almost all PCs, laptops, tablets and smartphones are affected, regardless of manufacturer or operating system.
The hardware vulnerabilities have been grouped into two attacks, called Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could allow attackers to read sensitive data that is currently being processed on the machine.
Both attacks take advantage of a feature in chips known as "speculative execution," a technique used by most modern processors to optimize performance.
"In order to improve performance, many CPUs may choose to speculatively execute instructions based on assumptions that are considered likely to be true. During speculative execution, the processor is verifying these assumptions; if they are valid, then the execution continues. If they are invalid, then the execution is unwound, and the correct execution path can be started based on the actual conditions," Project Zero commented.
For this reason, such speculative execution may have "side effects which are not restored when the CPU state is unwound and can lead to information disclosure."
The Meltdown vulnerability allows an attacker to read not only kernel memory but, because operating systems such as Linux map physical memory into the kernel's address space, effectively the entire physical memory of the attacked machine: the secrets of other programs and of the operating system itself.
“Meltdown is a related microarchitectural attack which exploits out-of-order execution in order to leak the target’s physical memory.”
Meltdown uses speculative execution to break isolation between user applications and the operating system, and this allows any application to access all system memory, including memory allocated for the kernel.
“Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection.”
Nearly all desktop, laptop, and cloud computers are affected by Meltdown.
The Spectre vulnerability is much harder to fix and will cause problems for quite some time, since fully mitigating it requires changes to processor architecture; software can only work around it, for example by inserting speculation barriers after bounds checks.
The Spectre attack breaks the isolation between different applications: an attacker-controlled program tricks an error-free program into speculatively accessing arbitrary portions of the victim's own memory, and the values it touched are then recovered through a side channel such as cache timing.
The Spectre attack can be exploited to leak information from the kernel to user programs, as well as from virtualization hypervisors to guest systems.
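The following is an added example, not code from the article, from Project Zero or from the Spectre paper. It shows the Spectre variant 1 (bounds-check bypass, CVE-2017-5753) gadget described above next to two hardened forms, plus the attacker's side of the cache side channel. The layout (array1, array2, secret), the function names and the probe size are constructed for illustration; the code assumes gcc or clang, and the Flush+Reload primitives are compiled only on x86-64.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample layout (not from the article): a small public array
 * plus a secret string the program never intends to expose. */
#define ARRAY1_SIZE 16
#define LINE 512                      /* one probe slot per byte value, wider than a cache line */
static uint8_t array1[ARRAY1_SIZE] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
static const char secret[] = "constructed-secret";
static uint8_t array2[256 * LINE];    /* the Flush+Reload probe array */
static volatile uint8_t sink;

/* Vulnerable Spectre variant 1 gadget. Architecturally it is correct: an
 * out-of-bounds x never reaches array1[x]. But once the branch predictor has
 * been trained to guess "in bounds", the CPU may speculatively load array1[x]
 * and then array2[array1[x] * LINE] before the check resolves. The results are
 * discarded, but the cache line stays resident: a side effect that is not
 * restored when speculation is unwound. Returns 1 when the access happened
 * architecturally, 0 otherwise. */
int victim_vulnerable(size_t x) {
    if (x < ARRAY1_SIZE) {
        sink = array2[array1[x] * LINE];
        return 1;
    }
    return 0;
}

/* Mitigation 1: clamp the index with a branchless mask, the same trick as the
 * Linux kernel's array_index_nospec(). The mask is all ones when index < size
 * and zero otherwise, computed with arithmetic only, so even a mispredicted
 * branch cannot make the speculative load use an out-of-bounds index.
 * Assumes an arithmetic right shift on signed integers (gcc/clang). */
size_t index_nospec(size_t index, size_t size) {
    intptr_t mask = ~(intptr_t)(index | (size - 1UL - index)) >> (sizeof(intptr_t) * 8 - 1);
    return index & (size_t)mask;
}

int victim_hardened_mask(size_t x) {
    if (x < ARRAY1_SIZE) {
        x = index_nospec(x, ARRAY1_SIZE);
        sink = array2[array1[x] * LINE];
        return 1;
    }
    return 0;
}

/* Mitigation 2: a speculation barrier right after the bounds check. On x86-64
 * LFENCE waits for prior instructions (including the compare) to complete, so
 * the loads below cannot run speculatively. On other targets this example
 * falls back to a compiler-only barrier, which is NOT a mitigation (ARM uses
 * CSDB; use your toolchain's barrier). */
static inline void speculation_barrier(void) {
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

int victim_hardened_fence(size_t x) {
    if (x < ARRAY1_SIZE) {
        speculation_barrier();
        sink = array2[array1[x] * LINE];
        return 1;
    }
    return 0;
}

/* The attacker's "malicious x": the distance from array1 to the first byte of
 * secret. Nothing here reads the secret; the point is that x is far outside
 * the bounds check yet still usable as a speculative index. */
size_t attacker_index(void) {
    return (size_t)((uintptr_t)secret - (uintptr_t)array1);
}

#if defined(__x86_64__)
#include <x86intrin.h>
/* Flush+Reload primitives (x86-64 only): flush every probe slot before the
 * victim runs, then time a reload of one slot. A reload that is much faster
 * than its neighbours means the victim's speculative load touched it, which
 * reveals the byte value it used. */
void flush_probe_array(void) {
    for (int i = 0; i < 256; i++) _mm_clflush(&array2[i * LINE]);
    _mm_mfence();
}
uint64_t reload_cycles(uint8_t guess) {
    unsigned int aux;
    volatile uint8_t *p = &array2[guess * LINE];
    uint64_t t0 = __rdtscp(&aux);
    sink = *p;
    uint64_t t1 = __rdtscp(&aux);
    return t1 - t0;
}
#endif

int main(void) {
    size_t x = attacker_index();
    printf("attacker index %zu (array1 has %d entries)\n", x, ARRAY1_SIZE);
    printf("architectural access: vulnerable=%d mask=%d fence=%d\n",
           victim_vulnerable(x), victim_hardened_mask(x), victim_hardened_fence(x));
    return 0;
}
```

All three victims return 0 for the attacker's index, which is exactly why the bug is invisible to functional tests: the difference lies only in what the CPU may touch before the branch resolves. A real attack loop trains the branch with in-bounds calls, calls the victim with attacker_index() between flush_probe_array() and reload_cycles(), and takes the slot with the lowest reload time as the leaked byte; the hardened variants leave every slot cold.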
“The KAISER patch, which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre.”
According to security researchers, Spectre in particular affects virtually every system, including desktops, laptops, cloud servers and smartphones powered by Intel, AMD and ARM chips.