Load Value Injection: Intel CPUs Vulnerable to Reverse Meltdown Attack

Many processors made by Intel are vulnerable to a newly disclosed type of attack named Load Value Injection (LVI), but the chip maker has told customers that the attack is not very practical in real-world environments.


The vulnerability, tracked as CVE-2020-0551, was first reported to Intel in April 2019 by Jo Van Bulck from the KU Leuven research university in Belgium, and it was analyzed by a team from universities in the United States, Austria and Australia, including some of the researchers who first discovered the Meltdown and Spectre vulnerabilities. A variation of the LVI attack, dubbed Load Value Injection in the Line Fill Buffers (LVI-LFB), was also reported to Intel by researchers at Bitdefender.


The LVI attack, described as a reverse Meltdown-type attack, allows malicious software installed on a device to gain access to potentially sensitive information. Michael Schwarz, one of the several Graz University of Technology researchers involved in the analysis of LVI, told SecurityWeek that remote exploitation of the vulnerability over the internet or the network is not possible.


The university researchers have also demonstrated that LVI attacks can be launched against Intel’s Software Guard Extensions (SGX), which allows developers to isolate application code and data in memory by leveraging hardware encryption.


“Being essentially a ‘reverse Meltdown’-type attack, LVI for the first time combines Spectre-style code gadgets in the victim domain with Meltdown-type microarchitectural data leakage from faulting or assisted load instructions to compose highly innovative and dangerous attacks that allow to directly inject attacker-controlled data into a victim's transient execution,” researchers explained.

