Dubbed Spoiler, the new hack abuses speculative execution in Intel chips to leak secrets. IT targets a different area of the processor called the Memory Order Buffer, which is used to manage memory operations and is tightly coupled with the cache.
Researchers from Worcester Polytechnic Institute, Massachusetts, and the University of Lübeck in north Germany detail the attack in a new paper, 'Spoiler: Speculative load hazards boost Rowhammer and cache attacks'. The paper was released this month.
The researchers explain that Spoiler is not a Spectre attack, so it is not affected by Intel's mitigations for it, which otherwise can prevent other Spectre-like attacks such as SplitSpectre.
"The root cause for Spoiler is a weakness in the address speculation of Intel's proprietary implementation of the memory subsystem, which directly leaks timing behaviour due to physical address conflicts. Existing Spectre mitigations would therefore not interfere with Spoiler", they write.
They looked for the same weakness in ARM and AMD processor cores but didn't find the same behaviour that is present in Intel chips. Spoiler depends on "a novel microarchitectural leakage, which reveals critical information about physical page mappings to userspace processes".
"The leakage can be exploited by a limited set of instructions, which is visible in all Intel generations starting from the 1st generation of Intel Core processors, independent of the OS, and also works from within virtual machines and sandboxed environments."
The researchers say that Spoiler improves Rowhammer attacks and cache attacks that reverse-engineer virtual-to-physical address mapping. Using Spoiler, they show the leakage can be used to speed up reverse-engineering by a factor of 256. It also can speed up JavaScript attacks in the browser.
The researchers say that Intel has confirmed receipt of their findings on December 1, 2018. However, they note Intel won't be able to use software mitigation to address the problem Spoiler exploits fully. Meanwhile, hardware mitigations could address the issue but would almost certainly mean a hit on CPU performance.
Daniel (Ahmad) Moghimi, one of the paper's authors, said he doubts Intel will be able to patch the issue in the memory subsystem within the next five years.
"My personal opinion is that when it comes to the memory subsystem, it's very hard to make any changes and it's not something you can patch easily with a microcode without losing tremendous performance", he said.
Analyst Ken Kam of Marketocracy Capital Management said that AMD should be able to take advantage of this flaw.
“The question now is whether AMD's advantage will be big enough and last long enough for them to gain significant market share”, he said.
Last January, early estimates of the performance penalty for the Spectre and Meltdown patches ranged from five percent to 25 percent. Since then, datacentre system admins have told him that the patches have befome more efficient and the performance penalty has decreased. However, recently, Intel changed the licensing agreement for these software patches to prevent developers from publishing benchmark results.
“The degree of the performance penalty exacted by these patches is a good measure of the size of AMD's advantage. Intel can prevent developers from publishing their benchmark results, but they can't stop them from talking to each other. This information will get out. Investors will have to look for it on more technical websites frequented by developers”, he said.
Intel's is already years behind schedule in moving from 14 nm production lines to 10 nm. In contrast, AMD will soon be making its processors on a 7 nm production line.
“If Intel now also needs to redesign their processors to address Spoiler I cannot see how this can be accomplished in less than five years. That's enough time for AMD to take significant market share”, he said.
An Intel spokesman has told us:
"“Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research.”