Recently the tech world are coming after the names like Downfall, Inception, Zenbleed, Meltdown and Spectre might describe something almost as insidious: They are all central processing unit-based security vulnerabilities that have been uncovered in the past several years.
The first three of most recently and the last two harking back to 2018 involve very specific attacks on hardware-level commands of various chips made or designed by Intel, Arm, and AMD. All have required or will require patching with operating system updates and chip firmware updates.
For the new ones. Both Intel and AMD have already issued operating system-level updates, and neither is aware of any active exploits happening in the wild. The firmware updates will take time to be developed by the chip manufacturers and then make their way to motherboard providers.
Downfall was discovered by Daniel Moghimi, a senior researcher at Google. He presented how the attack at the annual Black Hat Vegas conference, showing how the bug can be used to steal encryption keys from other users running on a specific server, or steal random data from the Linux kernel. Both of these exploits are documented on his attack website.
He disclosed the problem about a year ago, and Intel claims it affects a wide collection of Core-based CPUs, covering PCs sold for the past nine years.
Inception is a combination of attacks that were discovered by a group of Zurich-based researchers. “Inception plants an idea in the CPU while it is in a sense dreaming,” the researchers said in their report, and that forces the processor to take wrong actions and allowing an attacker to hijack the machine.
It affects AMD Zen v.3 and v.4 chipsets, including Ryzens and Threadripper Pros. Some of the firmware updates are now available, with others expected before the end of the year. Earlier Zen v.2 chipsets had their own vulnerability called Zenbleed that was discovered by Google researcher Tavis Ormandy and fixed last month.
Both of the earlier attacks can take advantage of Intel, AMD, and Arm chipsets going back to 1995. These flaws are quite pervasive across almost everything that has a CPU in it, including phones, cars, and numerous embedded devices. On a public cloud server, it’s possible for software in a guest virtual machine to drill down into the host machine’s physical memory and steal data from other customers’ virtual machines.
The 2018 attacks were discovered independently by various security researchers, including Google’s Project Zero. Both of these take advantage of a special series of CPU instructions called speculative execution and can be used either to steal kernel-level data, in the case of Meltdown, or to steal from other apps running on the same system, in the case of Spectre.
For most organizations whose business model depends on the performance of a large fleet of servers, a performance drop will be the most noticeable impact of anti-Spectre measures. Most security experts recommend the usual advice, to patch where appropriate and develop update plans as newer exploits develop.
Despite the research on all of these exploits, they may not have a practical value because researchers create ideal conditions for the attacks. The possibility of an actual attack to be unlikely. At this moment, there is no immediate threat of exploitation of Spectre vulnerabilities in real conditions. All known attacks are extremely complex and require the highest skill of the attacker.