
New side-channel vulnerability confirmed in Kaby Lake and Skylake CPUs

SMT allows for multi-threaded parallel processing, but has an apparent security flaw. (Source: Wikipedia)
A newly disclosed vulnerability may enable yet another side-channel exploit in Intel processors. The vulnerability, tracked as CVE-2018-5407 and known as "PortSmash", targets Hyper-Threading, Intel's implementation of simultaneous multi-threading (SMT). It is confirmed as effective in Skylake and Kaby Lake chips, and could affect others.

A team of researchers from the Tampere University of Technology in Finland and the University of Technology in Habana have reported the discovery of a new vulnerability which (again) affects Intel CPUs. It has been assigned the identifier CVE-2018-5407, and is also known as PortSmash. It is another side-channel exploit, one that leverages Intel Hyper-Threading (simultaneous multi-threading, or SMT) to potentially steal data.

The Tampere/Habana team assert that the exploit can enable a hacker to run their process in a thread alongside a target process and steal from it, so long as they get the parallel-processing timing right. Accordingly, they have demonstrated the ability to steal a private SSL key from a TLS server using PortSmash.

The CVE has been confirmed as operable in Skylake or Kaby Lake CPUs, and could also affect other processors with SMT or Hyper-Threading. The work on PortSmash is to be found on GitHub and OpenWall, and will also be published in an upcoming article. Its authors suggest ensuring that OpenSSL is updated to a version later than 1.1.0i as a preventative measure against PortSmash. Intel has been informed of this issue, but is yet to respond (correct at time of writing). 
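The version advice above can be checked across a fleet by comparing each host's `openssl version` banner with 1.1.0i. The following is an added example, not code from the article or from the researchers; the function names are hypothetical and the sample banners are constructed.

```python
import re

# Threshold from the article: OpenSSL must be later than 1.1.0i.
THRESHOLD = "1.1.0i"

# Accepts a bare version ("1.1.0j") or an `openssl version` banner.
# Anchored so other products (e.g. "LibreSSL 2.8.3") are rejected.
_VERSION_RE = re.compile(r"^\s*(?:OpenSSL\s+)?(\d+)\.(\d+)\.(\d+)([a-z]*)")


def version_key(text):
    """Return a sortable key for an OpenSSL version string or banner."""
    m = _VERSION_RE.match(text)
    if m is None:
        raise ValueError(f"not an OpenSSL version: {text!r}")
    major, minor, patch, letters = m.groups()
    # Letter releases sort by length, then alphabetically (y, z, za, zb);
    # a release with no letter precedes the "a" release of the same patch.
    return (int(major), int(minor), int(patch), len(letters), letters)


def is_later_than(text, threshold=THRESHOLD):
    return version_key(text) > version_key(threshold)


def audit(banners):
    """Map each banner to 'ok', 'update' or 'unknown'."""
    result = {}
    for banner in banners:
        try:
            result[banner] = "ok" if is_later_than(banner) else "update"
        except ValueError:
            result[banner] = "unknown"
    return result


# Constructed sample banners, not taken from real hosts.
SAMPLE_BANNERS = [
    "OpenSSL 1.1.0i  14 Aug 2018",
    "OpenSSL 1.1.0j  20 Nov 2018",
    "OpenSSL 1.1.1  11 Sep 2018",
    "OpenSSL 1.0.2k-fips  26 Jan 2017",
    "LibreSSL 2.8.3",
]

if __name__ == "__main__":
    for banner, verdict in audit(SAMPLE_BANNERS).items():
        print(f"{verdict:8} {banner}")
```

Distribution packages often backport fixes without changing the upstream version string, so an `update` verdict on a vendor build should be confirmed against the vendor's advisory for CVE-2018-5407.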

Deirdre O Donnell, 2018-11-02 (Update: 2018-11-02)