New Security Flaw Discovered In Intel Haswell Chips That Could Affect Cloud Services
According to researchers at the University of California, Intel’s Haswell chips might suffer for a serious security flaw that allows attackers to bypass Address Space Layout Randomization. ASLR is responsible for protecting the system from buffer overflow attacks.
As the name suggests, ASLR randomises the memory space which means attackers have to guess the area of the memory which currently contains the data they wish to attack. However, in the case of Haswell chips, the branch target buffer table used by the branch predictor can be exploited as a way to determine where in the memory specific code is in.
While the security breach itself doesn’t allow for remote execution of codes, it can lead to privilege escalation exploits or even breaking free of sandboxes and virtual machines. One field that can be severely impacted by this is cloud service providers.
Theoretically, the exploiters can break free of their own VM server provided by the cloud service and then head on to attack other customers which are using the same cloud service. While the exploit can affect any OS, some might be impacted less severely.
Intel has reported that they are investigating the issue so we hope to hear back from them soon. Despite it being a hardware issue, a microcode update may be able to fix the issue. However, that may lead to a performance hit depending on what is required for the fix.
For now, there is no word yet if pre-Haswell CPUs are impacted or post-Haswell CPUs as well. That doesn’t mean that those generations of Intel processors are immune from other issues. Major bugs are pretty much a given when it comes to newer hardware.
Another famous issue which Intel faced was with Sandybridge processors where SATA-II ports would fail over time forcing Intel to issue a recall order on the affected 67-series motherboards and processor sales were put on hold for a while.