Offers

now browsing by tag

 
 

Intel patches graphics drivers and offers new LVI flaw mitigations – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

Intel’s March security updates reached its customers this week and on the face of it, the dominant theme is the bundle of flaws affecting the company’s Graphics drivers.

There are 17 of these all told, including six high-severity flaws, starting with CVE-2020-0504, a buffer overflow leading to a denial of service flaw whose CVSS score of 8.4 suggests the need for urgent attention.

Intel doesn’t offer much detail on the individual flaws beyond the fact they allow the usual trio of privilege escalation, information disclosure and denial of service, all of which require local access.

Beyond this lie fixes for another 11 flaws affecting product lines including SmartSound, BlueZ, the Max 10 FPGA, the NUC firmware, and the Programmable Acceleration Card (PAC) N3000.

However, the star flaw of the month is CVE 29, the Load Value Injection (LVI) weakness (CVE-2020-0551) publicised this week by a diverse group of mainly academic security researchers.

Following in the footsteps of a series of chip-level flaws with impressive names (Spectre, Meltdown, Fallout, ZombieLoad, RIDL, CacheOut), this one is what might light-heartedly be called a ‘NOBWAIN’ (Not a Bug With an Impressive Name).

According to the researchers, LVI is unlike previous side-channel processor attacks:

Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle – ‘inject’ – the attacker’s data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.

Reported to Intel last April, it’s a novel technique which could, for example, be used to steal data from Software Guard eXtension (SGX) enclaves, a secure memory location inside post-2015 Intel processors used to store things like encryption keys, digital certificates, and passwords.