Intel CPUs From Haswell to Cascade Lake Vulnerable to Zombieload V2
All Intel CPUs from Haswell up to the latest Cascade Lake parts have been found vulnerable to a new variant of the Zombieload attack, now known as Zombieload V2, as detailed in this whitepaper.
Microarchitectural Data Sampling (MDS)
Zombieload V2 is the fifth entry on the list of Microarchitectural Data Sampling (MDS) vulnerabilities, following four that were discovered and patched by 1H 2019. Intel's HEDT and enterprise microarchitecture, Cascade Lake, was initially believed to be immune to Zombieload-type exploits, but this has proven false: Zombieload V2 can compromise a Cascade Lake system as well as earlier microarchitectures, going back as far as 2013 for Zombieload V2 and 2011 for the original Zombieload vulnerability.
Due to the nature of Intel's microarchitectures, no hardware-level mitigation can be applied to affected parts. Intel's alternative is to push out a microcode update in the form of a firmware patch, which will be distributed by motherboard manufacturers as BIOS updates. Patches may also be delivered through operating system updates.
How Does Zombieload V2 Work?
Zombieload V2 is enabled by the Asynchronous Abort operation of Intel's Transactional Synchronization Extensions (TSX) when malicious code executes read operations on the CPU. When this occurs, other data currently being processed or stored on the CPU may become readable to an unauthorized party. Zombieload is possible because Intel includes TSX in its processors. AMD has not implemented TSX in its CPUs, and AMD CPUs are therefore immune to Zombieload exploits.
The main advantage of this approach is that it also works on machines with hardware fixes for Meltdown, which we verified on an i9-9900K and Xeon Gold 5218.
An update on Zombieload V2 has been posted on the Zombieload informational website.
With November 14th, 2019, we present a new variant of ZombieLoad that enables the attack on CPUs that include hardware mitigations against MDS in silicon. With Variant 2 (TAA), data can still be leaked on microarchitectures like Cascade Lake where other MDS attacks like RIDL or Fallout are not possible. Furthermore, we show that the software-based mitigations in combination with microcode updates presented as countermeasures against MDS attacks are not sufficient.
We disclosed Variant 2 to Intel on April 23rd, 2019, and communicated that the attacks work on Cascade Lake CPUs on May 10th, 2019. On May 12th, 2019, the variant was put under embargo and, thus, was not published with the previous version of our ZombieLoad attack on May 14th, 2019.
Previous measures taken to restore the security of affected devices have taken a toll on performance, since the CPU's behavior must be altered. Because the vulnerability can still be exploited despite the earlier patches, new methods of mitigation may need to be developed.
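Since the fix arrives as a combination of an OS patch and a microcode (BIOS) update, an administrator's first question is which of the two a given host actually has. The following is an added example, not code from the article or from the ZombieLoad authors: it classifies the TAA and MDS status lines that the Linux kernel exposes under /sys/devices/system/cpu/vulnerabilities/ (the paths and status wording are the kernel's own; the function names and outcome labels are this example's assumptions).

```shell
#!/bin/sh
# Added example, not code from the article or from the ZombieLoad authors.
# Classifies the TAA (ZombieLoad V2) and MDS status lines the Linux kernel
# exposes under /sys/devices/system/cpu/vulnerabilities/ so an admin can tell
# apart "mitigated", "mitigated but SMT still exposed", "OS patch present but
# microcode/BIOS update missing" and "vulnerable". The sysfs paths and status
# wording are the kernel's own; the function names and labels are this
# example's choices.

TAA_FILE=/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
MDS_FILE=/sys/devices/system/cpu/vulnerabilities/mds

# classify_status "<kernel status line>" -> prints one outcome label
classify_status() {
    case "$1" in
        "Not affected"*)                  echo not-affected ;;
        "Mitigation: TSX disabled"*)      echo mitigated ;;       # no TSX, no asynchronous abort
        "Mitigation:"*"SMT vulnerable"*)  echo smt-exposed ;;     # buffers cleared, sibling thread still exposed
        "Mitigation:"*)                   echo mitigated ;;
        "Vulnerable:"*"no microcode"*)    echo needs-microcode ;; # OS patch applied, CPU microcode lacks support
        "Vulnerable"*)                    echo vulnerable ;;
        *)                                echo unknown ;;
    esac
}

# classify_file PATH -> outcome for one sysfs file; "unknown" when absent (old kernel, non-Linux)
classify_file() {
    [ -r "$1" ] || { echo unknown; return 0; }
    classify_status "$(cat "$1")"
}

# check_host -> prints both results; returns 0 only when both are mitigated or not affected
check_host() {
    taa=$(classify_file "$TAA_FILE")
    mds=$(classify_file "$MDS_FILE")
    echo "tsx_async_abort: $taa"
    echo "mds:             $mds"
    for r in "$taa" "$mds"; do
        case "$r" in
            not-affected|mitigated) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# Report on the current host; use check_host's exit status directly in automation.
check_host || echo "host is not fully mitigated against TAA/MDS"
```

A "needs-microcode" result means the kernel patch is installed but the BIOS/microcode update described above is still missing, while "smt-exposed" means the buffers are cleared but the sibling hyperthread can still sample data.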