Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

More than one year ago, security researchers at Google Project Zero have disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing responses, this family of flaws in hardware defeats the architectural safeguards of the processor and allows unprivileged user-mode applications to steal kernel-mode memory information processed on the affected computer.

Bitdefender Senior Researchers Dan Horea LUȚAȘ and Andrei Vlad LUȚAȘ, who spearhead the company’s threat research efforts as part of the Exploit Detection and Mitigation technologies for Bitdefender, and Hypervisor Introspection and Memory Protection program, respectively, have uncovered in August 2018 a new vulnerability that shares similarities with Meltdown.

This new vulnerability found by Bitdefender can be used by determined hackers to leak privileged data from an area of the memory that hardware safeguards deem off-limits. This flaw can be weaponized in highly targeted attacks that would normally require either system-wide privileges or deep subversion of the operating system to achieve similar results.

Of particular importance is the impact of this vulnerability on cloud service providers and multi-tenant environments, where virtualized instances sharing the same hardware can be used to read sensitive data belonging to other customers.

The proof of concept code shared privately with the vendor at the time of discovery has proven effective on several Intel® CPU microarchitectures. A technical demonstration of the vulnerability is described in a whitepaper available for download below

Read more about the vulnerability on the Intel Security Center.

We will update this post as more related work is currently documented.