Three new Spectre-style flaws revealed that affect Intel chips

New bugs mark the third critical vulnerability to exploit speculative execution

Foreshadow CPU vulnerability logo showing a lock with a broken shadow

Intel has disclosed three new security flaws affecting its processors, which exploit speculative executions and side-channel memory in a similar way to Meltdown and Spectre.

The three new flaws are all variants of one vulnerability, which has been dubbed 'Foreshadow' by the security researchers who discovered it and is referred to by Intel as L1 Terminal Fault (L1TF).

CVE-2018-3615 affects Software Guard Extensions (SGX), CVE-2018-3620 relates to system memory managers (SMM) and operating systems, and CVE-2018-3620 affects virtual machines and hypervisors.

"When a program attempts to access data in memory, the logical memory address is translated to a physical address by the hardware," Intel's white paper on the issue said. "Accessing a logical or linear address that is not mapped to a physical location on the hardware will result in a terminal fault."

Advertisement - Article continues below
Advertisement - Article continues below

"Once the fault is triggered, there is a gap before resolution where the processor will use speculative execution to try to load data. During this time, the processor could speculatively access the level 1 data cache (L1D), potentially allowing side-channel methods to infer information that would otherwise be protected."

All classes of Intel's CPUs are affected, from desktop chips all the way up to high-performance server components. Critically, Foreshadow also affects the servers on which multi-tenant cloud services are hosted, meaning that customers of cloud providers are also at risk.

Like Meltdown and Spectre before it, Foreshadow exploits a feature of processors known as speculative execution, which relates to the page tables of a processor's physical memory. Page tables define which areas of RAM are dedicated to which currently-running processes or applications.

In theory, when an application requests to access this area of RAM, the processor should consult the page tables to identify whether or not the request is valid. However, in order to speed up performance, modern processors will execute the request based on the data that is stored in its L1 cache memory before the validity of the request can be confirmed in the page table.

Hackers can exploit this by using malware running on the same physical CPU core to mark certain entries in the page table as invalid and then reading the data that is speculatively fetched from the L1 cache - which can include passwords, encryption keys and assorted personal data.

Because this flaw also affects servers which use virtualisation, cloud services are also at risk. If a malicious VM is running on the same physical CPU core as another customer's VM, this technique can be exploited to steal information from that VM.

Advertisement - Article continues below

The microcode patches that Intel released earlier in the year to address Meltdown and Spectre, combined with operating system and hypervisor patches, will be used to address all three vulnerabilities. The big three cloud providers - AWS, Microsoft Azure and Google Cloud - have also put measures in place to mitigate the impact of Foreshadow, but Red Hat has warned that one of the recommended mitigation measures - disabling hyper-threading - can have a notable impact on performance and availability, with losses in the region of 30% and 50%, respectively.

The forthcoming generation of Intel processors, starting with the upcoming 'Cascade Lake' Xeon Scalable processors, will also address Meltdown, Spectre and Foreshadow at the hardware level.

Intel has stated that it is "not aware of reports that any of these methods have been used in real-world exploits", but reminded customers to adhere to best practices and apply all available patches.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

cloud computing

Google Cloud snaps up multi-cloud analytics platform for $2.6bn

13 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020
cyber attacks

Apple Mac malware detections overtake Windows the first time

11 Feb 2020