Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Data Disclosure Attack. Show all posts

New SmashEx Attack Breaks Intel SGX Enclaves

 

A recently disclosed vulnerability affecting Intel CPUs could be used by attackers to get access to sensitive information kept within enclaves and potentially run arbitrary code on vulnerable systems. 

The vulnerability (CVE-2021-0186, CVSS score: 8.2) was found in early May 2021 by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense Technology, who utilized it to perform a confidential data disclosure attack called "SmashEx" that can distort and compromise private data stored in the enclave. 

SGX (short for Software Guard eXtensions) was introduced with Intel's Skylake processors which allow developers to operate selected application modules in a totally isolated secure compartment of memory known as an enclave or a Trusted Execution Environment (TEE). It is designed to be guarded against processes running at higher privilege levels such as the operating system. Even if a computer's operating system has been tampered with or is under assault, SGX assures that data remains safe. 

The research stated, "For normal functioning, the SGX design allows the OS to interrupt the enclave execution through configurable hardware exceptions at any point." 

"This feature enables enclave runtimes (e.g., Intel SGX SDK and Microsoft Open Enclave) to support in-enclave exception or signal handling, but it also opens up enclaves to re-entrancy bugs. SmashEx is an attack which exploits enclave SDKs which do not carefully handle re-entrancy in their exceptional handling safely." 

Outside Calls, or OCALLS, enable enclave functions to call out to the untrusted programme and subsequently return to the enclave. However, when the enclave additionally handles in-enclave exceptions (e.g., timer interrupt or division-by-zero), the vulnerability allows a local attacker to take over the control flow of execution by injecting an asynchronous exception soon after the enclave is entered. 

With this power, the attacker can then damage the in-enclave memory, allowing sensitive data such as RSA private keys to leak or malicious code to be executed. Because SmashEx impacts runtimes that assist in-enclave exception handling, the researchers stated that "such OCALL return flow and the exception handling flow should be written with care to ensure that they interleave safely," and that "when the OCALL return flow is interrupted, the enclave should be in a consistent state for the exception handling flow to progress correctly, and when the exception handling flow completes, the enclave state should also be ready for the enclave to progress correctly." 

Since then, Intel has launched software updates to address this vulnerability, including SGX SDK versions 2.13 and 2.14 for Windows and Linux, respectively. Microsoft fixed the problem (CVE-2021-33767) in its July 2021 Patch Tuesday updates with Open Enclave version 0.17.1 of the SDK. The results of the research team are anticipated to be disclosed next month at the ACM Conference on Computer and Communications Security.  

The researchers stated, "Asynchronous exception handling is a commodity functionality for real-world applications today, which are increasingly utilizing enclaves and highlighted "the importance of providing atomicity guarantees at the OS-enclave interface for such exceptions."