A group of researchers hailing from half a dozen universities, as well as antivirus provider Bitdefender Holding BV, today detailed a flaw in Intel Corp. central processing units that can theoretically be exploited by hackers to steal data.

Intel has released a patch for the vulnerability in tandem with the disclosure.

The researchers have named the flaw Load Value Injection, or LVI for short. It shares similarities with the notorious Meltdown and Spectre exploits that were discovered in Intel’s processors a few years ago. Several members of the group that identified this latest flaw also played a part in uncovering Meltdown and Spectre. 

Like its predecessors, LVI exploits a weakness in a CPU feature known as speculative execution to facilitate attacks. Speculative execution is a method of improving processing speeds wherein a CPU guesses what computations a program will seek to carry out in the near future and performs those ahead of time. If the guess is wrong, the results are simply discarded.

Meltdown works by allowing hackers to read the results of speculative computations while the CPU waits to see if they are correct. It thus becomes possible to view the data being processed by a vulnerable computer. LVI, in turn, relies on a related but different tactic, allowing an attacker to have the CPU run malicious code as if it were a legitimate speculative computation.

“We smuggle — ‘inject’ — the attacker’s data through hidden processor buffers into a victim program and hijack transient execution to acquire sensitive information, such as the victim’s fingerprints or passwords,” the researchers explained in a website they’ve set up for LVI.

The exploit makes it possible steal data in SGX enclaves, isolated parts of an Intel processor’s memory used to store particularly important records such as encryption keys. Potentially, LVI could also enable hackers to infect vulnerable machines via malicious websites.

The good news for enterprises is that the severity of threat posed by the vulnerability is limited by the complexity of exploiting it in practice. “Due to the numerous complex requirements that must be satisfied to successfully carry out the LVI method, Intel does not believe LVI is a practical exploit in real world environments where the OS and VMM are trusted,” Intel said in an advisory today.

But some hackers may still attempt to take advantage of the flaw in certain situations. That’s because the software patch for LVI reduces CPU speeds by a factor of two to 17 depending on how it’s applied, a slowdown that’s expected to lead many administrators to avoid installing the fix. Intel plans to add hardware-level mitigations against LVI in future products to eliminate the risk of attacks.

Photo: Unsplash