Allele Security Intelligence - ASA-2019-00278 – Xen: Microarchitectural Data Sampling speculative side channel

Allele Security Alert

ASA-2019-00278

Identifier(s)

ASA-2019-00278, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, XSA-297

Title

Microarchitectural Data Sampling speculative side channel

Vendor(s)

Linux Foundation

Product(s)

Xen

Affected version(s)

All versions of Xen running on x86 intel-based processors are affected

Fixed version(s)

Systems with the the following patches applied:

xsa297/xsa297-unstable-*.patch xen-unstable
xsa297/xsa297-4.12-*.patch Xen 4.12.x
xsa297/xsa297-4.11-*.patch Xen 4.11.x
xsa297/xsa297-4.10-*.patch Xen 4.10.x
xsa297/xsa297-4.9-*.patch Xen 4.9.x
xsa297/xsa297-4.8-*.patch Xen 4.8.x
xsa297/xsa297-4.7-*.patch Xen 4.7.x

Proof of concept

Unknown

Description

Microarchitectural Data Sampling refers to a group of speculative sidechannels vulnerabilities. They consist of:

CVE-2018-12126 – MSBDS – Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 – MLPDS – Microarchitectural Load Port Data Sampling
CVE-2018-12130 – MFBDS – Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 – MDSUM – Microarchitectural Data Sampling Uncacheable Memory

These issues pertain to the Load Ports, Store Buffers and Fill Buffers in the pipeline. The Load Ports are used to service all memory reads. The Store Buffers service all in-flight speculative writes (including IO Port writes), while the Fill Buffers service all memory writes which are post-retirement, and no longer speculative.

Under certain circumstances, a later load which takes a fault or assist (an internal condition to processor e.g. setting a pagetable Access or Dirty bit) may be forwarded stale data from these buffers during speculative execution, which may then be leaked via a sidechannel.

MDSUM (Uncacheable Memory) is a special case of the other three. Previously, the use of uncacheable memory was believed to be safe against speculative sidechannels.

An attacker, which could include a malicious untrusted user process on a trusted guest, or an untrusted guest, can sample the content of recently-used memory operands and IO Port writes.

This can include data from:

A previously executing context (process, or guest, or hypervisor/toolstack) at the same privilege level.
A higher privilege context (kernel, hypervisor, SMM) which interrupted the attacker’s execution.

Vulnerable data is that on the same physical core as the attacker. This includes, when hyper-threading is enabled, adjacent threads.

An attacker cannot use this vulnerability to target specific data. An attack would likely require sampling over a period of time and the application of statistical methods to reconstruct interesting data.

Technical details

Unknown

Credits

Unknown

Reference(s)

Microarchitectural Data Sampling speculative side channel
https://xenbits.xen.org/xsa/advisory-297.html

Xen Security Advisory 297 v1 (CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2019-11091) – Microarchitectural Data Sampling speculative side channel
https://seclists.org/oss-sec/2019/q2/111

xsa297-4.7-1.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-1.patch

xsa297-4.7-2.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-2.patch

xsa297-4.7-3.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-3.patch

xsa297-4.7-4.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-4.patch

xsa297-4.7-5.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-5.patch

xsa297-4.7-6.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-6.patch

xsa297-4.7-7.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-7.patch

xsa297-4.7-8.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.7-8.patch

xsa297-4.8-1.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.8-1.patch

xsa297-4.8-2.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.8-2.patch

xsa297-4.8-3.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.8-3.patch

xsa297-4.8-4.patch
https://xenbits.xen.org/xsa/xsa297/xsa297-4.8-4.patch