TA18-141A: Side-Channel Vulnerability Variants 3a and 4

Original release date: May 21, 2018

Systems Affected

CPU hardware implementations

Overview

On May 21, 2018, new variants—known as 3A and 4—of the side-channel central processing unit (CPU) hardware vulnerability were publically disclosed. These variants can allow an attacker to obtain access to sensitive information on affected systems.

Description

CPU hardware implementations—known as Spectre and Meltdown—are vulnerable to side-channel attacks. Meltdown is a bug that “melts” the security boundaries normally enforced by the hardware, affecting desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a CPU to reveal its data.

Variant 3a is a vulnerability that may allow an attacker with local access to speculatively read system parameters via side-channel analysis and obtain sensitive information.

Variant 4 is a vulnerability that exploits “speculative bypass.” When exploited, Variant 4 could allow an attacker to read older memory values in a CPU’s stack or other memory locations. While implementation is complex, this side-channel vulnerability could allow less privileged code to

  • Read arbitrary privileged data; and
  • Run older commands speculatively, resulting in cache allocations that could be used to exfiltrate data by standard side-channel methods.

Corresponding CVEs for Side-Channel Variants 1, 2, 3, 3a, and 4 are found below:

  • Variant 1: Bounds Check Bypass – CVE-2017-5753
  • Variant 2: Branch Target Injection – CVE-2017-5715
  • Variant 3: Rogue Data Cache Load – CVE-2017-5754
  • Variant 3a: Rogue System Register Read – CVE-2018-3640
  • Variant 4: Speculative Store Bypass – CVE-2018-3639

Impact

Side-Channel Vulnerability Variants 3a and 4 may allow an attacker to obtain access to sensitive information on affected systems.

Solution

Mitigation

NCCIC recommends users and administrators

  • Refer to their hardware and software vendors for patches or microcode,
  • Use a test environment to verify each patch before implementing, and
  • Ensure that performance is monitored for critical applications and services.
    • Consult with vendors and service providers to mitigate any degradation effects, if possible.
    • Consult with Cloud Service Providers to mitigate and resolve any impacts resulting from host operating system patching and mandatory rebooting, if applicable.

The following table contains links to advisories and patches published in response to the vulnerabilities. This table will be updated as information becomes available.

Link to Vendor Information Date Added
AMD May 21, 2018
ARM May 21, 2018
Microsoft May 21, 2018
Redhat May 21, 2018

References

Revision History

  • May 21, 2018: Initial version

This product is provided subject to this Notification and this Privacy & Use policy.

 

Powered by WPeMatico

Latest Blogs

AA18-337A: SamSam Ransomware

Original release date: December 03, 2018 Summary The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) are issuing this […]


TA18-331A: 3ve – Major Online Ad Fraud Operation

Original release date: November 27, 2018 Systems Affected Microsoft Windows Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and […]


AA18-284A: Publicly Available Tools Seen in Cyber Incidents Worldwide

Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and […]


TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers

Original release date: October 03, 2018 Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the […]


TA18-276A: Using Rigorous Credential Control to Mitigate Trusted Network Exploitation

Original release date: October 03, 2018 Systems Affected Network Systems Overview This technical alert addresses the exploitation of trusted network relationships and the subsequent illicit use of legitimate credentials by […]


About Humanit

humanit is an IT support company focused on providing the very best IT support for small to medium sized businesses in Chon Buri Thailand. Our customers range from award winning estate agents right through to factories in Amata city. Our passion is our customers. That’s right. It’s not the technologies, but we get a love helping out our customers issues and providing them with the technology to enable their company to grow. What makes our customers happy do I hear you ask? Take a look at our testimonials page and see for yourself.