Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

New TSX Speculative Attack allows stealing sensitive data from latest Intel CPUs

ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. The flaw […]

Intel CPU side-channel attack

ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack.

ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack.

The flaw affects the Transactional Synchronization Extensions (TSX) feature in Intel processors, it could be exploited by a local attacker or a malicious code to steal sensitive data from the underlying operating system kernel.

The ZombieLoad 2 attack also targets the speculative execution implemented in modern CPU to improve performance.

In the past months, security researchers devised several speculative -channel RIDL (Rogue In-Flight Data Load), Fallout, Microarchitectural Data Sampling (MDS attacks), and ZombieLoad.

Unlike Meltdown, Spectre, and Foreshadow attacks, MDS attacks target CPU’s microarchitectural data structures.

News of the day is that a new version of the ZombieLoad attack was devised by researchers, it also impacts processors in the Intel Cascade Lake CPU family that are not impacted by other attacks.

The Zombieload 2 attack only affects CPU supporting the Intel TSX instruction-set extension, a condition that is true in all Intel CPUs manufactured since 2013.

The TSX feature allows improving performance by leveraging a hardware transactional memory, any operation on this memory doen’t impact on the overall performance of the systems.

“The TSX Asynchronous Abort (TAA) vulnerability is similar to Microarchitectural Data Sampling (MDS) and affects the same buffers (store buffer, fill buffer, load port writeback data bus).” reads the security advisory published by Intel.

“Intel TSX supports atomic memory transactions that are either committed or aborted. When an Intel TSX memory transaction is aborted, either synchronously or asynchronously, all earlier memory writes inside the transaction are rolled back to the state before the transaction start. While an Intel TSX asynchronous abort (TAA) is pending, certain loads inside the transaction that are not yet completed may read data from microarchitectural structures and speculatively pass that data to dependent operations. This may cause microarchitectural side effects, which can later be measured to infer the value of the data in the microarchitectural structures.”

Experts discovered that aborting memory transactions may allow processes to compute the data found in other running processes, including operating system kernel data. An attacker could exploit the flaw to steal sensitive data, including passwords and encryption keys.

The following video shows a ZombieLoad MDS attack:

Additional technical details are available on the Zombieload website.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – TSX Speculative Attack, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]