Users should monitor for activity on the system that may indicate a potential information disclosure. Microarchitectural analysis indicates that, with some system configurations, a local attacker may be able to determine portions of the contents of a running system’s memory.
Intel has only received reports relating to this issue, and there is no known work-around at this time.
Intel has released revision 10 of the microarchitecture, which may reduce the risk of this issue being exploited.
Intel has today released a new microarchitecture to address a security vulnerability that impacts Intel® Xeon® Scalable Processors. Although the vulnerability was not exploitable in the wild, we recommend that customers update their systems and software as soon as possible.
The vulnerability could allow unauthorized access to system memory by an attacker who has physical access to the system. The vulnerability is mitigated through hardware changes, but not fully resolved. As such, we have released microarchitecture revision 10 of the processor family, which mitigates the exploitability of this issue on some system configurations.
Intel® Software Guard Extensions (SGX)
Intel® Software Guard Extensions (SGX) is a set of instructions that facilitates the creation and enforcement of memory protections. The instructions also allow applications to create and run a secure execution environment in which trusted code can be executed from outside the main operating system.
SGX provides data-protection capabilities for sensitive application data and helps protect against side-channel attacks by enabling software to protect critical data. Intel® SGX is designed for use with Intel® Xeon® Scalable processors, but it can also be used on other platforms that support Intel® Advanced Vector Extension 512 (AVX512).
Intel Software Guard Extensions (SGX) - CVE-2018-3620
Intel SGX is a hardware-based execution protection mechanism that can help secure applications from malicious code running on the same system.
As with all protections, there are some conditions under which SGX may be bypassed or not fully effective.
The first condition is when an attacker has physical access to the system being protected by SGX and knows the addresses of the protected code and of other programs' memory pages. This information may be leaked through data gathered from the Intel Processors' System Agent subsystem.
The second condition is when the attacker can control processor register contents, either via the operating system or via one of the many publicly available software tools, such as the one found at https://github.com/zalando/movfuscator.
Intel has released a statement describing these conditions in more detail: https://newsroom.intel.com/news-releases/sgdx-mcg-statement-on-intel-software-guard-extensions
Vulnerabilities in the Software
Unlike a hardware flaw, software flaws require some effort to exploit, because an attacker needs to know what to do in order to make the system run malicious code. The goal of exploiting these vulnerabilities is often to gain access to information or services that would otherwise be inaccessible.
A weakness has been identified in the Intel software that may allow an attacker with local access and administrative privileges on a virtual machine (VM) guest operating system instance, running on a system’s host CPU, to obtain memory contents from that VM guest operating system instance.