{"id":104811,"date":"2022-08-11T03:36:41","date_gmt":"2022-08-11T01:36:41","guid":{"rendered":"https:\/\/prohoster.info\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx"},"modified":"2022-08-11T03:36:41","modified_gmt":"2022-08-11T01:36:41","slug":"aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx","status":"publish","type":"post","link":"https:\/\/prohoster.info\/de\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx","title":{"rendered":"AEPIC Leak \u2014 ein Angriff, der zu einem Schl\u00fcsselverlust aus Intel SGX-Enklaven f\u00fchrt.","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"<p>Neue Informationen zu einem Angriff auf Intel-Prozessoren \u2013 AEPIC Leak (CVE-2022-21233) \u2013 wurden ver\u00f6ffentlicht, der zu einem Datenleck vertraulicher Informationen aus isolierten Intel SGX-Enclaves (Software Guard eXtensions) f\u00fchrt. Das Problem betrifft die Intel-CPUs der 10., 11. und 12. Generation (einschlie\u00dflich der neuen Serien Ice Lake und Alder Lake) und ist aufgrund eines architektonischen Fehlers entstanden, der es erm\u00f6glicht, nicht initialisierte Daten, die nach fr\u00fcheren Operationen in den APIC-Registern (Advanced Programmable Interrupt Controller) verbleiben, zuzugreifen.     <\/p>\n<p>Im Gegensatz zu Spectre-\u00e4hnlichen Angriffen erfolgt das Datenleck im AEPIC Leak ohne Methoden zur Wiederherstellung \u00fcber seitliche Kan\u00e4le \u2013 vertrauliche Informationen werden direkt durch den Zugriff auf den Inhalt der Register \u00fcber die MMIO-Speicherseite (memory-mapped I\/O) \u00fcbertragen. Im Allgemeinen erm\u00f6glicht der Angriff die Bestimmung von Daten, die zwischen den zweiten und letzten Cache-Ebenen ausgetauscht werden, einschlie\u00dflich des Inhaltes der Register und der Ergebnisse von Speicherlesevorg\u00e4ngen, die zuvor auf demselben CPU-Kern verarbeitet wurden.     <\/p>\n<p>Da f\u00fcr einen Angriff der Zugriff auf die physischen Seiten des APIC MMIO erforderlich ist, sind Administratorprivilegien notwendig. Daher ist die Methode auf Angriffe auf SGX-Enklaven beschr\u00e4nkt, zu denen Administratoren keinen direkten Zugang haben. Forscher haben ein Tool entwickelt, mit dem in wenigen Sekunden die in SGX gespeicherten AES-NI- und RSA-Schl\u00fcssel sowie die Intel SGX Attestierungsschl\u00fcssel und Parameter des Pseudozufallszahlengenerators bestimmt werden k\u00f6nnen. Der Code f\u00fcr die Durchf\u00fchrung des Angriffs wurde auf GitHub ver\u00f6ffentlicht.     <\/p>\n<p>Das Unternehmen Intel hat die Vorbereitung eines Mikrocode-Updates angek\u00fcndigt, das die Unterst\u00fctzung f\u00fcr das L\u00f6schen von Puffern und zus\u00e4tzliche Ma\u00dfnahmen zum Schutz der Daten in Enklaven enth\u00e4lt. Au\u00dferdem wurde eine neue Version des SDK f\u00fcr Intel SGX mit \u00c4nderungen vorbereitet, die Datenlecks verhindern. Entwicklern von Betriebssystemen und Hypervisoren wird empfohlen, anstelle des veralteten xAPIC-Modus den x2APIC-Modus zu verwenden, bei dem f\u00fcr den Zugriff auf die APIC-Register anstelle von MMIO MSR-Register genutzt werden.<br \/>\n<br \/>Quelle: <a content=\"nofollow\" rel=\"nofollow\" href=\"https:\/\/www.opennet.ru\/opennews\/art.shtml?num=57623\">opennet.ru<\/a> <\/p>","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel &#8212; AEPIC Leak (CVE-2022-21233), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX (Software Guard eXtensions). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 10, 11 \u0438 12 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f CPU Intel (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0438\u0438 Ice Lake \u0438 Alder Lake) \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u043d\u0435\u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0432 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0445 APIC [&hellip;]<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[702],"tags":[],"class_list":["post-104811","post","type-post","status-publish","format-standard","hentry","category-novosti-interneta"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.10 - aioseo.com -->\n\t<meta name=\"description\" content=\"\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel - AEPIC Leak (CVE-2022-21233), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX (Software Guard eXtensions). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 10, 11 \u0438 12 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f CPU Intel (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0438\u0438 Ice Lake \u0438 Alder Lake) \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u043d\u0435\u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0432 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0445 APIC\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Yuri Gagarin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/prohoster.info\/de\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.10\" \/>\n\t\t<meta property=\"og:locale\" content=\"de_DE\" \/>\n\t\t<meta property=\"og:site_name\" content=\"ProHoster | \u041a\u0443\u043f\u0438\u0442\u044c \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u0445\u043e\u0441\u0442\u0438\u043d\u0433 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043e\u0442 DDoS, VPS VDS \u0441\u0435\u0440\u0432\u0435\u0440\u044b\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"\ud83e\udd47AEPIC Leak \u2014 \u0430\u0442\u0430\u043a\u0430, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u0438\u0437 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX | ProHoster\" \/>\n\t\t<meta property=\"og:description\" content=\"\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel - AEPIC Leak (CVE-2022-21233), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX (Software Guard eXtensions). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 10, 11 \u0438 12 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f CPU Intel (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0438\u0438 Ice Lake \u0438 Alder Lake) \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u043d\u0435\u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0432 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0445 APIC\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/prohoster.info\/de\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg\" \/>\n\t\t<meta property=\"og:image:width\" content=\"350\" \/>\n\t\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2022-08-11T01:36:41+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2022-08-11T01:36:41+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/prohoster\" \/>\n\t\t<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/prohoster\" \/>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"\ud83e\udd47AEPIC Leak \u2014 ein Angriff, der zur Offenlegung von Schl\u00fcsseln aus Intel SGX-Enclaves f\u00fchrt | ProHoster","description":"Es wurden Informationen zu einer neuen Angriffsmethode auf Intel-Prozessoren - AEPIC Leak (CVE-2022-21233) - ver\u00f6ffentlicht, die zu einem Datenleck sensibler Informationen aus isolierten Intel SGX-Enclaves (Software Guard Extensions) f\u00fchrt. Das Problem betrifft die 10., 11. und 12. Generation von Intel-CPUs (einschlie\u00dflich der neuen Serien Ice Lake und Alder Lake) und resultiert aus einem architektonischen Mangel, der den Zugriff auf nicht initialisierte Daten erm\u00f6glicht, die in den APIC-Registern verblieben sind.","canonical_url":"https:\/\/prohoster.info\/de\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":null,"og:locale":"de_DE","og:site_name":"ProHoster | \u041a\u0443\u043f\u0438\u0442\u044c \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u0445\u043e\u0441\u0442\u0438\u043d\u0433 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043e\u0442 DDoS, VPS VDS \u0441\u0435\u0440\u0432\u0435\u0440\u044b","og:type":"article","og:title":"\ud83e\udd47AEPIC Leak \u2014 \u0430\u0442\u0430\u043a\u0430, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u0438\u0437 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX | ProHoster","og:description":"\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel - AEPIC Leak (CVE-2022-21233), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0430\u043d\u043a\u043b\u0430\u0432\u043e\u0432 Intel SGX (Software Guard eXtensions). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 10, 11 \u0438 12 \u043f\u043e\u043a\u043e\u043b\u0435\u043d\u0438\u044f CPU Intel (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u043e\u0432\u044b\u0435 \u0441\u0435\u0440\u0438\u0438 Ice Lake \u0438 Alder Lake) \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u043d\u0435\u0434\u043e\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u043c\u0441\u044f \u0432 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0445 APIC","og:url":"https:\/\/prohoster.info\/de\/blog\/novosti-interneta\/aepic-leak-ataka-privodyashhaya-k-utechke-klyuchej-iz-anklavov-intel-sgx","og:image":"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg","og:image:secure_url":"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg","og:image:width":350,"og:image:height":350,"article:published_time":"2022-08-11T01:36:41+00:00","article:modified_time":"2022-08-11T01:36:41+00:00","article:publisher":"https:\/\/www.facebook.com\/prohoster","article:author":"https:\/\/www.facebook.com\/prohoster"},"aioseo_meta_data":{"post_id":"104811","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"seo_analyzer_scan_date":null,"breadcrumb_settings":null,"limit_modified_date":false,"reviewed_by":null,"ai":null,"created":"2022-08-11 01:37:52","updated":"2022-10-01 23:35:37"},"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts\/104811","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/comments?post=104811"}],"version-history":[{"count":0,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts\/104811\/revisions"}],"wp:attachment":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/media?parent=104811"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/categories?post=104811"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/tags?post=104811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}