Hardware security bug: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 03:49, 2 June 2019 edit DIYeditor (talk \| contribs) Extended confirmed users 10,860 edits →Firmware: heading ← Previous edit		Latest revision as of 20:51, 30 September 2022 edit undo Citation bot (talk \| contribs) Bots 5,868,077 edits Add: date. \| Use this bot. Report bugs. \| Suggested by Whoop whoop pull up \| Category:Side-channel attacks \| #UCB_Category 1/24
(17 intermediate revisions by 7 users not shown)
Line 1: {{short description\|Hardware bug}} In digital computing, '''hardware security bugs''' are [[hardware bug]]s or flaws that create [[Vulnerability (computing)\|vulnerabilities]] affecting computer [[central processing unit]]s (CPUs), or other devices which incorporate programmable processors or logic and have [[direct memory access]], which allow data to be read by a rogue process when such reading is not authorized. Such vulnerabilities are considered "catastrophic" by security analysts.<ref> {{cite web \| url=https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html \| author = Bruce Schneier Line 20 ⟶ 21: \| publisher=Rudebaguette.com \| date = January 8, 2018 \| quote = ''[sic]:'' The effects of these vulnerabilities are catastrophic: « at best, the vulnerability can be used by malwares and hackers to exploit other security linked bugs. At worse, the flaw can be used by ~~softwares~~software and authentified users to read the kernel’s memory \| accessdate = February 4, 2019 }} </ref> ==Speculative execution vulnerabilities== Starting in 2017, a series of security vulnerabilities were found in the implementations of [[speculative execution]] on common processor architectures which effectively enabled an elevation of [[privilege (computing)\|privileges]]. These include: * [[~~Spectre~~Foreshadow (security vulnerability)\|~~Spectre~~Foreshadow]] * [[Meltdown (security vulnerability)\|Meltdown]] * [[SPOILER_(security_vulnerability)\|SPOILER]] * [[Foreshadow (security vulnerability)\|Foreshadow]]▼ * [[Microarchitectural Data Sampling]] ▲* [[~~Foreshadow~~Spectre (security vulnerability)\|~~Foreshadow~~Spectre]] * [[SPOILER (security vulnerability)\|SPOILER]] * [[Pacman (security vulnerability)\|Pacman]] ==Intel VISA== In 2019 researchers discovered that a manufacturer debugging mode, known as VISA, had an undocumented feature on [[Intel Corporation\|Intel]] Platform Controller Hubs, ~~known~~which asare the chipsets included on most Intel-based motherboards and which have direct memory access, which made the mode accessible with a normal motherboard possibly leading to a security vulnerability.<ref name=toms>{{cite web\|url=https://www.tomshardware.com/news/intel-visa-undocumented-feature-chipsets-cpus,38954.html\|title=Intel Chipsets' Undocumented Feature Can Help Hackers Steal Data\|work=Tom's Hardware\|author=Lucian Armasu\|date=29 March 2019 }}</ref> ~~==Chipset==~~ Several weaknesses have been found in the code for the [[Intel Management Engine]] (ME) which is a processor that operates independently and in the background on Intel motherboard chipsets. On May 1, 2017, Intel confirmed a Remote Elevation of Privilege bug (SA-00075) in its Management Technology.<ref name="intelmay">{{cite web\|url=https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr \|title=Intel® Product Security Center \|website=Security-center.intel.com \|date= \|accessdate=2017-05-07}}</ref> Every Intel platform with provisioned Intel Standard Manageability, Active Management Technology, or Small Business Technology, from [[Intel Nehalem\|Nehalem]] in 2008 to [[Intel Kaby Lake\|Kaby Lake]] in 2017 has a remotely exploitable security hole in the ME.<ref>{{cite web\|author=Charlie Demerjian \|url=https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ \|title=Remote security exploit in all 2008+ Intel platforms \|publisher=SemiAccurate \|date=2017-05-01 \|accessdate=2017-05-07}}</ref><ref name="reg-2017-05-01">{{cite web\|url=https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/ \|title=Red alert! Intel patches remote execution hole that's been hidden in chips since 2010 \|website=Theregister.co.uk \|accessdate=2017-05-07}}</ref> Several ways to disable the ME without authorization that could allow ME's functions to be sabotaged have been found.<ref>{{cite web \|last1=Alaoui \|first1=Youness \|date=October 19, 2017 \|title=Deep dive into Intel Management Engine disablement \|url=https://puri.sm/posts/deep-dive-into-intel-me-disablement/ }}</ref><ref>{{cite web \|last1=Alaoui \|first1=Youness \|date=March 9, 2017 \|title=Neutralizing the Intel Management Engine on Librem Laptops \|url=https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/}}</ref><ref name=ptsecurity1>{{cite web\|url=http://blog.ptsecurity.com/2017/08/disabling-intel-me.html \|title=Positive Technologies Blog: Disabling Intel ME 11 via undocumented mode \|accessdate=2017-08-30 \|df= }}</ref> Additional major security flaws in the ME affecting a very large number of computers incorporating ME, Trusted Execution Engine (TXE), and Server Platform Services (SPS) firmware, from [[Intel Skylake\|Skylake]] in 2015 to [[Coffee Lake]] in 2017, were confirmed by Intel on 20 November 2017 (SA-00086).<ref name=extreme1>{{cite web\|url=https://www.extremetech.com/computing/259426-intel-patches-major-flaws-intel-management-engine\|title=Intel Patches Major Flaws in the Intel Management Engine\|publisher=Extreme Tech}}</ref> Unlike SA-00075, this bug is even present if AMT is absent, not provisioned or if the ME was "disabled" by any of the known unofficial methods.<ref>https://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/</ref> In July 2018 another set of vulnerabilitites were disclosed (SA-00112).<ref name=SA-00112>https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html</ref> In September 2018, yet another vulnerability was published (SA-00125).<ref>https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html</ref> == See also == Line 44 ⟶ 43: * [[Security bug]] * [[Computer security]] * [[Threat (computer)]] == References == Line 51: ~~[[category:Computer security]]~~ [[category:Computer security exploits]] [[category:Hardware bugs]] [[category:Side-channel attacks]] [[~~category~~Category:2018 in ~~computer science~~computing]]