AEPIC Leak - an attack that leads to key leakage from Intel SGX enclaves

Details have been disclosed about a new attack on Intel processors, AEPIC Leak (CVE-2022-21233), which leaks confidential data from isolated Intel SGX (Software Guard eXtensions) enclaves. The issue affects the 10th, 11th and 12th generations of Intel CPUs (including the new Ice Lake and Alder Lake series) and is caused by an architectural flaw that allows access to uninitialized data left in the APIC (Advanced Programmable Interrupt Controller) registers by previous operations.

Unlike Spectre-class attacks, the leak in AEPIC Leak occurs without any recovery through side channels: the confidential data is obtained directly by reading the contents of the registers exposed in the MMIO (memory-mapped I/O) memory page. In general, the attack makes it possible to determine the data transferred between the second-level and last-level caches, including the contents of registers and the results of memory read operations that were previously processed on the same CPU core.

Because carrying out the attack requires access to the physical pages of the APIC MMIO, that is, it requires administrator privileges, the method is limited to attacking SGX enclaves, to which the administrator has no direct access. The researchers developed tools that allow them to determine AES-NI and RSA keys stored in SGX, as well as Intel SGX attestation keys and pseudo-random number generator parameters, within a few seconds. The attack code has been published on GitHub.

Intel has announced a fix in the form of a microcode update that will implement support for buffer flushing and add further measures to protect enclave data. A new SDK release for Intel SGX has also been prepared with changes to prevent data leaks. Developers of operating systems and hypervisors are advised to use x2APIC mode instead of the legacy xAPIC mode; in x2APIC mode, MSR registers are used instead of MMIO to access the APIC registers.
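
One way to check on Linux which mode each CPU's local APIC is in, as an added example that is not from the original article or from Intel: it decodes IA32_APIC_BASE (MSR 0x1B) using the bit layout from the Intel SDM. The live read assumes root and the `msr` kernel module; the function names and the sample values are constructed for illustration.

```python
import glob
import os
import struct

IA32_APIC_BASE = 0x1B                      # MSR number (Intel SDM)
BSP, EXTD, EN = 1 << 8, 1 << 10, 1 << 11   # boot CPU, x2APIC enable, APIC enable
BASE_MASK = 0x000FFFFFFFFFF000             # bits 12..51: address of the xAPIC MMIO page

def decode_apic_base(value):
    """Classify the local APIC mode from a raw IA32_APIC_BASE value."""
    en, extd = bool(value & EN), bool(value & EXTD)
    if en and extd:
        mode = "x2apic"      # APIC registers are accessed through MSRs
    elif en:
        mode = "xapic"       # legacy mode: registers exposed in an MMIO page
    elif extd:
        mode = "invalid"     # EN=0 with EXTD=1 is not a legal state
    else:
        mode = "disabled"
    return {"mode": mode, "bsp": bool(value & BSP),
            "mmio_base": value & BASE_MASK if mode == "xapic" else None}

def cpus_needing_x2apic(raw_by_cpu):
    """Return sorted CPU ids whose local APIC is in legacy xAPIC (MMIO) mode."""
    return sorted(cpu for cpu, raw in raw_by_cpu.items()
                  if decode_apic_base(raw)["mode"] == "xapic")

def read_live():
    """Read IA32_APIC_BASE on every CPU via /dev/cpu/N/msr (root + msr module)."""
    out = {}
    for path in glob.glob("/dev/cpu/[0-9]*/msr"):
        fd = os.open(path, os.O_RDONLY)
        try:
            raw = os.pread(fd, 8, IA32_APIC_BASE)   # file offset = MSR number
            out[int(path.split("/")[3])] = struct.unpack("<Q", raw)[0]
        finally:
            os.close(fd)
    return out

# Constructed sample: CPU 0 in x2APIC mode, CPU 1 left in legacy xAPIC mode.
SAMPLE = {0: 0xFEE00D00, 1: 0xFEE00800}

if __name__ == "__main__":
    try:
        values = read_live() or SAMPLE   # no msr devices found: use the sample
    except OSError:                      # not root, or msr module not loaded
        values = SAMPLE
    for cpu in sorted(values):
        print(cpu, hex(values[cpu]), decode_apic_base(values[cpu]))
    print("CPUs in legacy xAPIC mode:", cpus_needing_x2apic(values))
```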

Source: opennet.ru
