Two new speculative execution vulnerabilities discovered affecting Intel CPUs

CacheOut

L1D Eviction Sampling (L1DES), also known as CacheOut, is the latest addition to the list of known attacks that exploit speculative execution in Intel CPUs. This is the third time in less than a year that Intel has disclosed a new set of vulnerabilities related to the speculative behaviour of its processors.

Intel's problems began with Spectre and Meltdown and continued with the further vulnerabilities identified since then, including SPOILER, Foreshadow, SwapGS, ZombieLoad, RIDL and Fallout. The new attacks affect Intel CPUs manufactured before the fourth quarter of 2018.

Unlike the MDS (Microarchitectural Data Sampling) vulnerabilities, according to the CacheOut website:

An attacker can use the caching mechanisms of the CPU to specifically select the data to be leaked.

Its discoverers see CacheOut as another attack on speculative execution and an indirect consequence of Spectre and Meltdown.

The VUSec researchers appear to have discovered the vulnerability in parallel: according to the CVE entry, CacheOut is identical to a RIDL variant that its discoverers refer to as L1DES, following Intel's official name, L1D Eviction Sampling.

At a high level, according to its discoverers, CacheOut forces contention on the L1-D cache to evict the data it targets from the cache. They describe two variants.

First, when the cache contains data modified by the victim, the contents of the cache line travel through the line-fill buffers (LFBs) as the line is written back to memory.

Second, when the attacker wants to leak data that the victim does not modify, the attacker first evicts the data from the cache and then reads it as it transits through the line-fill buffers to satisfy a concurrent read by the victim.

Intel's Meltdown mitigations have no effect against CacheOut, but they do help in that the vulnerability cannot be exploited through the browser.

VUSec also offers a proof-of-concept exploit for the vulnerability on GitHub. CacheOut is tracked as CVE-2020-0549.

Intel has also assigned its own identifier (INTEL-SA-00329) and classifies the issue as moderate (CVSS 6.5). According to Intel, data in the L1 data cache (L1D) can be redirected to an unused L1D fill buffer.

Data can then be selectively leaked and read out of this fill buffer via side-channel attacks. Intel therefore calls this read-out method L1D Eviction Sampling and considers it a subset of L1TF (Foreshadow and Foreshadow-NG). Unlike Foreshadow, attackers should not be able to target specific physical addresses with CacheOut.

The other vulnerability disclosed, which Intel tracks as Vector Register Sampling (VRS), is the less critical of the two: Intel says the attack complexity is high and the chance of an attacker obtaining relevant data is low. VRS is also considered a new variant of the RIDL attack.

VRS is a leak, through the store buffer, of the results of read operations on vector registers that were modified during the execution of vector instructions (SSE, AVX, AVX-512) on the same CPU core.

The leak occurs only under a very specific set of circumstances: a speculative operation that causes the state of the vector registers to be reflected in the store buffer is delayed and completes only after the buffer has been cleared, rather than before.

Finally, Intel announced that it would have the updates needed to fix these flaws ready within a matter of weeks.
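Whether a given Linux host has these fixes in place can be read from the kernel's own report. The following is an added example and not code from the article, Intel or VUSec: Linux publishes one status file per issue under /sys/devices/system/cpu/vulnerabilities/. There is no dedicated L1DES entry; the CacheOut researchers note that the attack relies on TSX Asynchronous Abort (TAA), so the check reads tsx_async_abort, mds and l1tf and also looks for the rtm (TSX) CPU flag. The three sample states it writes are constructed for the demonstration (modelled on the kernel's status strings, not captured from real machines), and the function names are the example's own.

```shell
#!/bin/sh
# Added example, not code from the article or from Intel/VUSec.
# Reads the Linux kernel's assessment of the issues CacheOut builds on.
# Linux exposes one status file per issue under /sys/devices/system/cpu/vulnerabilities/.
# There is no dedicated l1des entry; CacheOut relies on TSX Asynchronous Abort, so the
# relevant entries are tsx_async_abort, mds and l1tf, plus the rtm (TSX) CPU flag.
# The directory and cpuinfo path are parameters so the check can be run against a
# copied or constructed tree as well as against the live host.

VULN_FILES="tsx_async_abort mds l1tf"

# check_vuln_dir VULN_DIR CPUINFO
# Prints one line per entry. Returns 0 only when no entry reads "Vulnerable",
# no entry is missing, and the rtm flag is absent (TSX disabled or unsupported).
check_vuln_dir() {
    vdir=$1
    cpuinfo=$2
    rc=0
    for f in $VULN_FILES; do
        if [ -r "$vdir/$f" ]; then
            status=$(cat "$vdir/$f")
        else
            # A kernel that does not know the issue cannot have mitigated it.
            status="(no entry: kernel predates this issue, treat as unmitigated)"
            rc=1
        fi
        printf '%-16s %s\n' "$f:" "$status"
        case $status in
            Vulnerable*) rc=1 ;;
        esac
    done
    # The rtm flag is cleared once TSX has been disabled (tsx=off or microcode),
    # so its presence means the TAA primitive CacheOut uses is still available.
    if grep -Eq '(^| )rtm( |$)' "$cpuinfo"; then
        echo "tsx (rtm flag): present, TSX still enabled"
        rc=1
    else
        echo "tsx (rtm flag): absent"
    fi
    return $rc
}

# write_sample DIR STATE
# Constructed sample trees (not captured from real hosts) so the check runs offline.
write_sample() {
    sdir=$1
    state=$2
    mkdir -p "$sdir/vulnerabilities"
    case $state in
        unpatched)  # Intel host, no microcode, TSX on
            echo "Vulnerable: Clear CPU buffers attempted, no microcode" > "$sdir/vulnerabilities/tsx_async_abort"
            echo "Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable" > "$sdir/vulnerabilities/mds"
            echo "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable" > "$sdir/vulnerabilities/l1tf"
            echo "flags : fpu vme sse sse2 avx avx2 hle rtm" > "$sdir/cpuinfo"
            ;;
        patched)    # Intel host, microcode applied, TSX disabled
            echo "Mitigation: TSX disabled" > "$sdir/vulnerabilities/tsx_async_abort"
            echo "Mitigation: Clear CPU buffers; SMT vulnerable" > "$sdir/vulnerabilities/mds"
            echo "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable" > "$sdir/vulnerabilities/l1tf"
            echo "flags : fpu vme sse sse2 avx avx2" > "$sdir/cpuinfo"
            ;;
        amd)        # unaffected vendor
            for f in $VULN_FILES; do echo "Not affected" > "$sdir/vulnerabilities/$f"; done
            echo "flags : fpu vme sse sse2 avx avx2" > "$sdir/cpuinfo"
            ;;
    esac
}

# Demonstration on the constructed states, then on the live host if it exposes the directory.
demo=$(mktemp -d)
for state in unpatched patched amd; do
    write_sample "$demo/$state" "$state"
    echo "== constructed state: $state"
    if check_vuln_dir "$demo/$state/vulnerabilities" "$demo/$state/cpuinfo"; then
        echo "result: OK"
    else
        echo "result: EXPOSED"
    fi
done
rm -rf "$demo"

if [ -d /sys/devices/system/cpu/vulnerabilities ]; then
    echo "== live host"
    if check_vuln_dir /sys/devices/system/cpu/vulnerabilities /proc/cpuinfo; then
        echo "result: OK"
    else
        echo "result: EXPOSED"
    fi
fi
```

The script needs no root, since the sysfs files are world-readable. A "Mitigation:" line is the kernel's view after the microcode and kernel it runs with; on a virtual machine the hypervisor's microcode level and TSX configuration decide what the guest actually sees, so the check should be run on the host as well.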

AMD, ARM and IBM CPUs are not affected by these vulnerabilities.

Exploits for the vulnerabilities can be found at the following links.

