Skip to main content

Another Intel Processor Vulnerability Found

By November 12, 2018June 2nd, 2022Cybersecurity

Intel just can’t seem to catch a break.  By now, almost everyone has heard about the dreaded Spectre and Meltdown vulnerabilities which have been plaguing the chip maker since they were first discovered.  Now, it seems there’s a new chip-based threat.

This latest threat has been dubbed PortSmash by the research team from the Tampere University of Technology in Finland and the Technical University of Havana, in Cuba who jointly discovered it.  It works by abusing a weakness in Intel’s Hyper-Threading technology, which is Intel’s implementation of SMT (Simultaneous Multi Threading).

The researchers had this to say about the attack:

“We recently discovered a new CPU microarchitecture attack vector.  The nature of the leakage is due to execution engine sharing on SMT (e.g., Hyper-Threading) architecture.

More specifically, we detect port contention to construct a timing side channel to exfiltrate information from processes running in parallel on the same physical core.”

In plain English, the vulnerability allows hackers to run a PortSmash process alongside a selected process running on the same CPU core. In doing so, the ProtSmash process can spy on that application and even lift data from it as desired by the hackers.

The team released a proof of concept on Github and demonstrated their ability to steal private decryption keys.

So far, the team has confirmed that the exploit works on Intel’s Skylake and Kaby Lake processors, but there’s strong circumstantial evidence that with modifications, the exploit would work on other chipsets as well, including those developed by rival AMD.

The reason for this is because the researchers believe SMT to be fundamentally flawed. It shares resources between two CPU instances while not providing any form of security differentiators between the two instances.

The research team responsibly reported the flaw to Intel, but the company did not respond in a timely manner, so the team published their findings, which prompted action by Intel.  The company released a security patch on November 1.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.