PortSmash Intel CPU Side-Channel Vulnerability [CVE-2018-5407]
Researchers have developed a new CPU side-channel attackcalled PortSmash which takes advantage of a vulnerability in Intel CPUs withsimultaneous multi-threading (SMT, known as Hyper-Threading on Intel devices)enabled.
A proof-of-concept exploit developed by the researchers uses a timing attack tosteal information from other processes running in the same CPU core with SMTenabled. Using this method, researchers were able to determine the privatedecryption key from an OpenSSL thread running in the same core as their exploit.
Affected Platforms
Intel Core – Skylake and Kaby Lake series CPUs with SMT enabled
OpenSSL – Version 1.1.0h and later
Resolution
At time of publication the only way to mitigatethis vulnerability is by disabling SMT/Hyper-Threading via the BIOS oroperating system.
Users and administrators are encouraged to visit the Intel Product SecurityCenter Advisories page and check for any advice or security updates that maybecome available.
Users and administrators of OpenSSL are encouraged to review the security fixesfor side channel attacks which can be found linked on the information SharingPortal and apply the necessary updates.
For further information see:
- CVE-2018-5407
- PortSmash Proof-of-Concept
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.