Vulnerabilities in eBPF that could bypass Spectre 4 attack protection

Two vulnerabilities have been identified in the Linux kernel that allow the eBPF subsystem's protection against Spectre v4 (SSB, Speculative Store Bypass) attacks to be bypassed. Using an unprivileged BPF program, an attacker can create the conditions for speculative execution of certain operations and determine the contents of arbitrary areas of kernel memory. The maintainers of the kernel's eBPF subsystem have received a prototype exploit that demonstrates that the attack is practical. The problems have been fixed in the form of patches (1, 2) that will be part of the next Linux kernel update. Distribution updates have not yet been released (Debian, RHEL, SUSE, Arch, Fedora, Ubuntu).

The Spectre v4 attack method is based on recovering data left in the processor cache after the result of speculatively executed operations is discarded while processing alternating write and read operations that use indirect addressing. When a read follows a write (for example, mov [rbx + rcx], 0x0; mov rax, [rdx + rsi]), the read address offset may already be known because similar operations have been performed (reads are performed far more often, and a read can be served from the cache), and the processor can speculatively perform the read before the write, without waiting for the write's indirect-addressing offset to be computed.

If, once the offset has been calculated, the memory areas being written and read turn out to overlap, the processor simply discards the speculatively obtained read result and repeats the operation. This behaviour allows the read instruction to access the old value at an address while the store to that address has not yet completed. After the failed speculative operation is discarded, traces of its execution remain in the cache, and one of the methods for determining cache contents by analysing the difference in access time between cached and uncached data can then be used to retrieve them.

The first vulnerability (CVE-2021-35477) is caused by a flaw in the BPF program verification mechanism. To protect against the Spectre v4 attack, the verifier adds an extra instruction after potentially problematic stores to memory, writing a value of zero to displace traces of the previous operation. The zero store was expected to be very fast and to block speculative execution, since it depends only on the pointer to the BPF stack frame. In fact, however, it turned out to be possible to create conditions under which the instruction that leads to speculative execution has time to execute before the preemptive store.

The second vulnerability (CVE-2021-3455) stems from the fact that, when the BPF verifier detects potentially dangerous memory store operations, it does not take uninitialized areas of the BPF stack into account, so the first write to such an area is not protected. This makes it possible to perform a speculative read that depends on an uninitialized memory area before the store instruction executes. New memory for the BPF stack is allocated without checking what the allocated memory already contains, and there is a way to control the contents of the memory area that will later be allocated to the BPF stack before the BPF program starts.
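Both issues are reachable only through an unprivileged BPF program, so until a patched kernel is installed the practical interim control is the kernel.unprivileged_bpf_disabled sysctl. The script below is an added example (not from the article or the kernel project) that reports that setting together with the CPU's Speculative Store Bypass status from sysfs; the optional root-prefix argument is an assumption of this example so that a constructed tree can be checked offline.

```shell
#!/bin/sh
# Added example: check whether unprivileged BPF, the article's attack vector,
# is disabled on this host, and show the SSB mitigation line for context.
# $1 = optional root prefix (assumed by this example, e.g. a test directory);
#      leave empty to inspect the live system.
ebpf_ssb_status() {
  root="${1:-}"
  bpf_file="$root/proc/sys/kernel/unprivileged_bpf_disabled"
  ssb_file="$root/sys/devices/system/cpu/vulnerabilities/spec_store_bypass"

  # Sysctl values: 0 = unprivileged bpf() allowed (precondition for the attack),
  # 1 = permanently disabled, 2 = disabled until reboot. Older kernels lack it.
  if [ -r "$bpf_file" ]; then
    bpf=$(cat "$bpf_file")
  else
    bpf="unknown"
  fi

  # The sysfs file reads "Mitigation: ...", "Vulnerable" or "Not affected";
  # it describes the CPU-level SSB status, not the BPF verifier's own
  # sanitation, so it is reported but does not change the verdict.
  if [ -r "$ssb_file" ]; then
    ssb=$(cat "$ssb_file")
  else
    ssb="unknown"
  fi

  echo "unprivileged_bpf_disabled=$bpf"
  echo "spec_store_bypass=\"$ssb\""
  case "$bpf" in
    1|2)
      echo "OK: unprivileged BPF is disabled; unprivileged programs cannot be loaded"
      return 0 ;;
    *)
      echo "WARN: unprivileged BPF is allowed; install the fixed kernel or set the sysctl to 1"
      return 1 ;;
  esac
}
```

Run `ebpf_ssb_status` with no argument on a live host; a return code of 1 means the unprivileged loading path described in the article is still open.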

Source: opennet.ru
