Yet Another Meltdown – A Microarchitectural Fill Buffer Data Sampling Vulnerability (CVE-2018-12130)

Bogdan BOTEZATU

May 15, 2019

More than one year ago, security researchers at Google Project Zero disclosed a series of hardware vulnerabilities affecting Intel® x86 microprocessors. Leveraging a feature of modern processors called speculative execution, as well as timing responses, this family of flaws in hardware defeats the architectural safeguards of the processor and allows unprivileged user-mode applications to steal kernel-mode memory information processed on the affected computer.

In August 2018, Bitdefender Senior Researchers Dan Horea LUȚAȘ and Andrei Vlad LUȚAȘ, who spearhead the company’s threat research efforts as part of the Exploit Detection and Mitigation technologies for Bitdefender, and Hypervisor Introspection and Memory Protection program, respectively, uncovered a new vulnerability that shares similarities with Meltdown.

This new vulnerability found by Bitdefender can be used by determined hackers to leak privileged data from an area of the memory that hardware safeguards deem off-limits. This flaw can be weaponized in highly targeted attacks that would normally require either system-wide privileges or deep subversion of the operating system to achieve similar results.

Of particular importance is the impact of this vulnerability on cloud service providers and multi-tenant environments, where virtualized instances sharing the same hardware can be used to read sensitive data belonging to other customers.

The proof-of-concept code shared privately with the vendor at the time of discovery has proven effective on several Intel® CPU microarchitectures. A technical demonstration of the vulnerability is described in a whitepaper available for download below.

Read more about the vulnerability on the Intel Security Center.

We will update this post as more related work is documented.
