vulnerability — LowEndSpirit

YAWV - Jan 2022 edition

vyas — Fri, 07 Jan 2022 15:24:47 +0000

Yet another WordPress vulnerability

https://www.searchenginejournal.com/wordpress-core-vulnerabilities/432042/

Rather sketchy details on nature of exploit, or the severity of threat.

Intel Vulnerability: Hijacking Transient Execution with Load Value Injection

souen — Wed, 11 Mar 2020 18:01:00 +0000

Another day, another Intel exploit.

LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors to inject attacker data into a victim program and steal sensitive data and keys from Intel SGX, a secure vault in Intel processors for your personal data.

LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations. Instead of directly leaking data from the victim to the attacker, we proceed in the opposite direction: we smuggle — "inject" — the attacker's data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords.

[...]

LVI in 4 simple steps:
1. Poison a hidden processor buffer with attacker values.
2. Induce a faulting or assisted load in the victim program.
3. The attacker's value is transiently injected into code gadgets following the faulting load in the victim program.
4. Side channels may leave secret-dependent traces, before the processor detects the mistake and rolls back all operations.

Source: https://lviattack.eu/

New Intel CPU vulnerability

joepie91 — Mon, 27 Jan 2020 19:24:23 +0000

Time to reset the "It's been __ days since the last Intel CPU vulnerability" counter!

We present CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. We show that despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data.

Moreover, unlike previous MDS issues, we show in our work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available. Finally, we empirically demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves.

Source

Microcode updates are supposedly already available. Best update ASAP, if you're running Intel and haven't yet... you know the drill.