Since 2018, we have seen an alarming wave of Meltdown-type attacks: from the original Meltdown, breaking kernel isolation, via Foreshadow, breaking virtual-machine and SGX-enclave isolation, to, most recently, ZombieLoad, breaking all of these. Meltdown-type attacks leak arbitrary data, breaking essentially all confidentiality guarantees of CPUs. Luckily, we already have widely deployed countermeasures -- either in hardware or in software -- that prevent exploitation of all these attacks.
In this talk, we show that despite all countermeasures, the Meltdown effect can be turned around to inject attacker-controlled data into the state of a victim application. This technique, called Load Value Injection (LVI), smuggles the attacker's data through hidden processor buffers into a victim program, allowing the attacker to hijack transient control and data flow after causing a (microarchitectural) fault during the victim's execution. We show that this can be exploited on all CPUs that were affected by some variant of Meltdown. Especially in the case of trusted execution environments, such as Intel SGX, where the attacker has full control of the operating system, adversaries can easily trigger a fault in the victim and leak arbitrary enclave secrets.
We outline the drastic consequences for affected CPUs. After nearly one year of embargo, fully mitigating our attacks requires serializing the processor pipeline with memory-fence instructions after possibly every memory load. Additionally, and even worse, due to implicit loads on some architectures, specific instructions have to be blacklisted, including the ubiquitous x86 ret instruction. In a demo, we show how LVI can be used to leak a cryptographic key.
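As an added illustration of the mitigation sketched above (example code written for this page, not the authors' code and not Intel's compiler output), the following C program places a constructed, enclave-style lookup gadget beside its fenced version and shows the pop/lfence/jmp sequence that replaces the blacklisted ret. The table contents, the function names, and the x86-64 Linux SysV ABI assumed for the assembly epilogue are all constructed for this example; on other platforms the fence degrades to a compiler barrier and the epilogue falls back to plain C so the program still builds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed victim layout for this example (not from the LVI paper): an
 * enclave-style routine loads an index from memory the attacker can make fault
 * (e.g. by unmapping the page), then uses it to address a second load.  The
 * first load is the LVI injection point: while the fault is pending, the CPU
 * may forward a stale buffer value as "idx", and the dependent load consumes it
 * transiently. */
enum { TABLE_LEN = 8 };
static const uint8_t table[TABLE_LEN] = { 0x10, 0x22, 0x35, 0x4a, 0x5f, 0x61, 0x79, 0x88 };

/* lfence serializes the pipeline on x86; other ISAs get a compiler barrier only
 * so the example still builds and both lookups stay semantically identical. */
#if defined(__x86_64__) || defined(__i386__)
#define LVI_FENCE() __asm__ __volatile__("lfence" ::: "memory")
#else
#define LVI_FENCE() __asm__ __volatile__("" ::: "memory")
#endif

/* Unmitigated: the value of load 1 steers load 2 with nothing in between. */
uint8_t lookup_unmitigated(const size_t *idx_ptr) {
    size_t idx = *idx_ptr;          /* load 1: faultable, hence poisonable */
    if (idx < TABLE_LEN)
        return table[idx];          /* load 2: consumes idx, possibly transiently */
    return 0;
}

/* Mitigated, following the fence-after-load rule the abstract describes: every
 * load whose result reaches a later memory access or branch is followed by
 * lfence, so a forwarded value is squashed before anything can consume it. */
uint8_t lookup_mitigated(const size_t *idx_ptr) {
    size_t idx = *idx_ptr;
    LVI_FENCE();                    /* idx is now architectural, not forwarded */
    if (idx < TABLE_LEN) {
        uint8_t v = table[idx];
        LVI_FENCE();                /* same rule for the second load */
        return v;
    }
    return 0;
}

/* The implicit-load case: ret pops the return address from the stack, so a
 * faulting stack access can inject a transient jump target.  The mitigated
 * epilogue does that load explicitly, fences, then jumps.  Written for x86-64
 * Linux (SysV ABI: argument in %rdi, result in %rax); elsewhere a plain C body
 * keeps the same contract. */
#if defined(__x86_64__) && defined(__linux__)
long lvi_safe_double(long x);
__asm__(
    ".text\n"
    ".globl lvi_safe_double\n"
    ".type lvi_safe_double, @function\n"
    "lvi_safe_double:\n"
    "    lea (%rdi,%rdi,1), %rax\n" /* rax = 2*x, the function's actual work */
    "    pop %rcx\n"                /* explicit load of the return address */
    "    lfence\n"                  /* serialize before the address is used */
    "    jmp *%rcx\n"               /* replaces the blacklisted ret */
    ".size lvi_safe_double, .-lvi_safe_double\n"
);
#else
long lvi_safe_double(long x) { return 2 * x; }
#endif

/* The mitigation only changes transient behaviour: both lookups must agree on
 * every in-bounds and out-of-bounds index.  Returns 1 when they do. */
int mitigation_is_transparent(void) {
    size_t probes[] = { 0, 3, 7, 8, (size_t)-1 };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        if (lookup_unmitigated(&probes[i]) != lookup_mitigated(&probes[i]))
            return 0;
    return 1;
}

int main(void) {
    printf("fenced lookups transparent: %d\n", mitigation_is_transparent());
    printf("lvi_safe_double(21) = %ld\n", lvi_safe_double(21));
    return 0;
}
```

Two practical notes on this pattern. First, the fence is placed after the load and before its first consumer, not at function entry: a fence that runs before the faulting load does nothing to the value that load forwards. Second, the pop/lfence/jmp epilogue is only ABI-transparent while nothing else tracks returns; a hardware shadow stack still holds the entry that a real ret would have popped, which is why compiler-level LVI hardening of ret is tied to the toolchain and CET configuration rather than dropped into code by hand.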
For more information about our work, including demo videos and a trailer, see: <https://lviattack.eu>
A technical paper about this work will appear at IEEE S&P 2020 and is available here: <https://lviattack.eu/lvi.pdf>
Daniel Gruss (@lavados) is an Assistant Professor at Graz University of Technology. He finished his PhD with distinction in less than 3 years. He has been involved in teaching operating system undergraduate courses since 2010. Daniel's research focuses on side channels and security on the hardware-software boundary. His research team was involved in several vulnerability disclosures, including Meltdown and Spectre. He has co-authored more than 20 top-tier academic publications in the past 5 years and received several prizes for his research.
Jo Van Bulck (@jovanbulck) is a PhD candidate at imec-DistriNet, KU Leuven (BE). His research explores security limitations along the hardware-software interface, with particular attention to privileged side-channel attacks in trusted execution environments. Over the past years, Jo has uncovered several innovative microarchitectural side-channel attack vectors in commodity Intel x86 processors, and more recently was among the first to discover transient-execution CPU vulnerabilities. In the aftermath of Spectre and Meltdown, his research on the high-profile Foreshadow attack led to a complete collapse of the Intel SGX ecosystem and ultimately even dismantled widespread virtual machine and operating system isolation.