Foreshadow

This article is about the security vulnerability. For the literary technique, see Foreshadowing. For other uses, see Foreshadow (disambiguation).
See also: Transient execution CPU vulnerability

Foreshadow
A logo created for the vulnerability, featuring a lock with a shadow
CVE identifier(s)CVE-2018-3615 (Foreshadow), CVE-2018-3620 and CVE-2018-3646 (Foreshadow-NG)
Date discoveredJanuary 2018; 6 years ago (2018-01)
Affected hardwareModern Intel processors

Foreshadow, known as L1 Terminal Fault (L1TF) by Intel,[1][2] is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but was first disclosed to the public on 14 August 2018.[18] The vulnerability is a speculative execution attack on Intel processors that may result in the disclosure of sensitive information stored in personal computers and third-party clouds.[1] There are two versions: the first version (original/Foreshadow) (CVE-2018-3615) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG)[19] (CVE-2018-3620 and CVE-2018-3646) targets virtual machines (VMs), hypervisors (VMM), operating systems (OS) kernel memory, and System Management Mode (SMM) memory.[1] A listing of affected Intel hardware has been posted.[11][12]

Foreshadow is similar to the Spectre security vulnerabilities discovered earlier to affect Intel and AMD chips, and the Meltdown vulnerability that also affected Intel.[7] AMD products are not affected by the Foreshadow security flaws.[7] According to one expert, "[Foreshadow] lets malicious software break into secure areas that even the Spectre and Meltdown flaws couldn't crack".[16] Nonetheless, one of the variants of Foreshadow goes beyond Intel chips with SGX technology, and affects "all [Intel] Core processors built over the last seven years".[3]

Foreshadow may be very difficult to exploit.[3][7] As of 15 August 2018, there seems to be no evidence of any serious hacking involving the Foreshadow vulnerabilities.[3][7] Nevertheless, applying software patches may help alleviate some concern, although the balance between security and performance may be a worthy consideration.[6] Companies performing cloud computing may see a significant decrease in their overall computing power; people should not likely see any performance impact, according to researchers.[10] The real fix, according to Intel, is by replacing today's processors.[6] Intel further states, "These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake),[20][21] as well as new client processors expected to launch later this year [2018]."[6]

On 16 August 2018, researchers presented technical details of the Foreshadow security vulnerabilities in a seminar, and publication, entitled "Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution"[22] at a USENIX security conference.[9][22]

  1. ^ a b c d "Foreshadow - Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution". ForeShadowAttack.eu. 2018-08-14. Archived from the original on 2018-08-15. Retrieved 2018-08-14.
  2. ^ "Software Security Guidance from Intel". Software.intel.com. Archived from the original on 2020-07-26. Retrieved 2021-12-29.
  3. ^ a b c d Kan, Michael (2018-08-14). "New 'Foreshadow' Flaw Exploits Intel Chips To Steal Protected Data - The new vulnerability builds on research related to the Meltdown and Spectre flaws. Foreshadow can be exploited to read data from Intel's SGX technology, while a separate variant can break the security protections in data centers that run virtual machines". PC Magazine. Archived from the original on 2018-08-15. Retrieved 2018-08-14.
  4. ^ Bright, Peter (2018-08-14). "Intel's SGX blown wide open by, you guessed it, a speculative execution attack - Speculative execution attacks truly are the gift that keeps on giving". Ars Technica. Archived from the original on 2018-08-15. Retrieved 2018-08-14.
  5. ^ Newman, Lily Hay (2018-08-14). "Spectre-like Flaw Undermines intel Processors' Most Secure Element". Wired. Archived from the original on 2019-01-11. Retrieved 2018-08-15.
  6. ^ a b c d Vaughan-Nichols, Steven J. (2018-08-14). "Beyond Spectre: Foreshadow, a new Intel security problem - Researchers have broken Intel's Software Guard Extensions, System Management Mode, and x86-based virtual machines". ZDNet. Archived from the original on 2018-08-15. Retrieved 2018-08-15.
  7. ^ a b c d e Giles, Martin (2018-08-14). "Intel's 'Foreshadow' flaws are the latest sign of the chipocalypse". MIT Technology Review. Archived from the original on 2018-08-16. Retrieved 2018-08-14.
  8. ^ Masters, Jon (2018-08-14). "Understanding L1 Terminal Fault aka Foreshadow: What you need to know". Red Hat. Archived from the original on 2018-08-18. Retrieved 2018-08-18.
  9. ^ a b Chirgwin, Richard (2018-08-15). "Foreshadow and Intel SGX software attestation: 'The whole trust model collapses' - El Reg talks to Dr Yuval Yarom about Intel's memory leaking catastrophe". The Register. Archived from the original on 2018-08-15. Retrieved 2018-08-15.
  10. ^ a b Lee, Dave (2018-08-15). "'Foreshadow' attack affects Intel chips". BBC News. Archived from the original on 2018-08-15. Retrieved 2018-08-15.
  11. ^ a b Staff (2018-08-14). "Q3 2018 Speculative Execution Side Channel Update (Intel-SA-00161)". Intel. Archived from the original on 2019-04-24. Retrieved 2018-08-01.
  12. ^ a b Armasu, Lucian (2018-08-15). "Intel Chips' List of Security Flaws Grows". Tom's Hardware. Archived from the original on 2021-12-29. Retrieved 2018-08-15.
  13. ^ Kerner, Sean Michael (2018-08-15). "Intel SGX at Risk From Foreshadow Speculative Execution Attack - Another set of side-channel, speculative execution vulnerabilities have been publicly reported by security researchers; this time the vulnerabilities take specific aim at SGX secure enclave and hypervisor isolation boundaries". eWeek. Archived from the original on 2021-12-29. Retrieved 2018-08-15.
  14. ^ Kennedy, John (2018-08-15). "A Foreshadow of security: What you need to know about new Intel chip flaws". Silicon Republic.com. Archived from the original on 2018-08-16. Retrieved 2018-08-15.
  15. ^ Hachman, Mark (2018-08-15). "Foreshadow attacks Intel CPUs with Spectre-like tactics (but you're probably safe) - You should be protected from L1TF if your PC is patched and up to date". PC World. Archived from the original on 2021-12-29. Retrieved 2018-08-16.
  16. ^ a b Hoffman, Chris (2018-08-16). "How to Protect Your PC From the Intel Foreshadow Flaws". How-To Geek. Archived from the original on 2018-08-16. Retrieved 2018-08-16.
  17. ^ Constantin, Lucian (2018-08-16). "New Foreshadow Vulnerabilities Defeat Memory Defenses on Intel CPUs". SecurityBoulevard.com. Archived from the original on 2018-08-17. Retrieved 2018-08-16.
  18. ^ [1][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17]
  19. ^ Weisse, Ofir; et al. (2018). "Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution".[permanent dead link]
  20. ^ Cite error: The named reference AnandT-20180819 was invoked but never defined (see the help page).
  21. ^ Cite error: The named reference TH-20180822 was invoked but never defined (see the help page).
  22. ^ a b Van Bulck, Jo; Minkin, Marina; Weisse, Ofir; Genkin, Daniel; Kasikci, Baris; Piessens, Frank; Silberstein, Mark; Wenisch, Thomas F.; Yarom, Yuval; Strackx, Raoul (2018-08-16). "Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution" (PDF). USENIX. Archived (PDF) from the original on 2018-08-18. Retrieved 2018-08-16.