Retbleed, a new Spectre-type vulnerability affecting Intel and AMD

Information has been released about a new attack to which Intel and AMD processors are vulnerable. This latest speculative execution attack can covertly leak passwords and other sensitive data.

Under the code name "Retbleed", the attack targets retpolines, one of the defenses proposed in 2018 to mitigate Spectre, a subset of microarchitectural timing side-channel attacks that affects modern microprocessors.

Both chipmakers are once again struggling to contain what has turned out to be a persistent and stubborn vulnerability.

Retbleed is a vulnerability recently discovered by researchers at the Swiss Federal Institute of Technology (ETH) Zurich. It is so named because it exploits a software defense known as retpoline.

This defense was introduced in 2018 to mitigate the harmful effects of speculative execution attacks. Speculative execution attacks exploit the fact that when modern processors encounter a direct or indirect branch instruction, they predict the address of the next instruction they will receive and execute it automatically before the prediction is confirmed.

Speculative execution attacks work by tricking the processor into executing an instruction that accesses sensitive data in memory that would normally be denied to an unprivileged application. The data is then recovered after the operation has been rolled back.

A retpoline works by using a series of return operations to isolate indirect branches from speculative execution attacks, effectively setting up the software equivalent of a trampoline that bounces them safely. In other words, a retpoline works by replacing indirect jumps and calls with returns.

Despite concerns, the risk from return prediction behavior in deep call stacks was considered low, and retpolines became the main mitigation against Spectre. Some researchers have warned for years that this defense is not sufficient to mitigate speculative execution attacks, because they believed the returns used by retpoline were susceptible to BTI (branch target injection). Linux creator Linus Torvalds rejected those warnings, arguing that such things could not happen.

However, the ETH Zurich researchers found that exploitation is, in fact, practical. They have conclusively shown that retpoline is not sufficient to prevent speculative execution attacks. Their proof of concept works against Intel processors with the Kaby Lake and Coffee Lake microarchitectures and against the AMD Zen 1, Zen 1+ and Zen 2 microarchitectures.

"Our results show that all return instructions that follow sufficiently deep call stacks can be hijacked using a precise branch history on Intel CPUs. Regarding AMD processors, we find that any return instruction can be hijacked, regardless of the previous call stack, as long as the previous branch destination is correctly chosen during the hijacking," note ETH Zurich academics Johannes Wikner and Kaveh Razavi in their research paper.

Essentially, malware on a machine can use Retbleed to obtain memory it should not have access to, such as operating system kernel data, passwords, keys and other secrets. According to the academics, Spectre Variant 2 took advantage of indirect branches to achieve unwanted speculative execution in the kernel. Indirect branches were converted into returns using retpoline to mitigate Spectre Variant 2. Retbleed shows that, unfortunately, return instructions leak under certain conditions, much as indirect branches do.

This means that, unfortunately, retpoline was an inadequate mitigation to begin with. According to the researchers, Retbleed can leak memory from Intel CPU cores at a rate of about 219 bytes per second with 98% accuracy.

The exploit can extract kernel memory from AMD CPUs with a bandwidth of 3.9 KB per second. The researchers say they were able to locate and leak the password hash of a Linux computer from physical memory in about 28 minutes with Intel processors and about 6 minutes with AMD processors.

The researchers' paper and blog post describe the microarchitectural conditions required to carry out Retbleed. On Intel, returns start to behave like indirect jumps when the return stack buffer, which holds the return target predictions, underflows.

"This means that any return we can reach through a system call can be exploited, and there are many of them," the researchers wrote. "We also found that AMD CPUs exhibit phantom jumps (CVE-2022-23825): branch predictions that occur even though there is no corresponding branch instruction," they added.

It should be noted that Windows systems are not affected, as these systems use Indirect Branch Restricted Speculation (IBRS) by default, which is also a mitigation available to Linux users.
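
As an added example (not from the original article or from the researchers), one way for a Linux administrator to see which Retbleed mitigation, such as IBRS, the running kernel reports. It assumes a kernel that exposes a `retbleed` file under `/sys/devices/system/cpu/vulnerabilities/`; the function names and verdict labels are this example's own.

```shell
#!/bin/sh
# Added example: interpret the Retbleed status line a Linux kernel reports.
# Typical lines look like "Mitigation: IBRS", "Vulnerable" or "Not affected".
RETBLEED_SYSFS=/sys/devices/system/cpu/vulnerabilities/retbleed

# classify_retbleed STATUS -> verdict label (labels are this example's own)
classify_retbleed() {
    case "$1" in
        "Not affected"*)               echo not-affected ;;
        Vulnerable*)                   echo vulnerable ;;
        Mitigation:*"SMT vulnerable"*) echo mitigated-smt-risk ;;
        Mitigation:*)                  echo mitigated ;;
        *)                             echo unknown ;;
    esac
}

# mitigation_name STATUS -> mechanism named by the kernel, or "none"
mitigation_name() {
    case "$1" in
        Mitigation:*)
            m=${1#Mitigation: }
            echo "${m%%;*}" ;;      # drop any "; SMT ..." suffix
        *)  echo none ;;
    esac
}

# report [FILE] -> one summary line; exit status 0 only when no action is needed
report() {
    f=${1:-$RETBLEED_SYSFS}
    if [ ! -r "$f" ]; then
        echo "retbleed: no status file at $f"
        return 2
    fi
    status=$(cat "$f")
    verdict=$(classify_retbleed "$status")
    echo "retbleed: $verdict ($(mitigation_name "$status"))"
    case "$verdict" in
        not-affected|mitigated) return 0 ;;
        *)                      return 1 ;;
    esac
}

# Run the check only when asked, e.g.  sh retbleed_check.sh --check
if [ "${1:-}" = "--check" ]; then report; fi
```

An exit status of 2 from `report` means the kernel exposes no Retbleed status file at all, which usually indicates a kernel that predates the Retbleed patches.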

Source: https://comsec.ethz.ch
