Security researchers have published their findings about a new attack that can hijack data from Intel CPUs. This technique illustrates a new approach that can be used to hack into computers that are running the company’s processors. It is called CrossTalk as it allows the hackers to execute code that will leak sensitive data from one of the cores.
Researchers Reveal The CrossTalk Intel CPU Data Hijack Method
The CrossTalk attack has been reported by security researchers from a Dutch university. Their findings indicate that this is a novel approach that can be undertaken by potential hackers. The bug was named this way as it enables the criminals to use specially devised code in order to “hijack” data from one of the running cores of the Intel CPU. This means that the criminals take advantage of the fact that modern processors utilize a multi-thread model — one core can run several threads which can have various processes allocated to them. This is done in order to optimize the performance of the systems.
CrossTalk is defined as a type of MDS (microarchitectural data sampling) attack, a type of hardware vulnerability that is specific to processor architecture. The principle of the attack scenario is that data can be leaked from the security boundaries. Any weak implementations or code that can be exploited in attacks of this category. In the majority of cases the criminals that follow this attack scenario will have access to the buffer that is shared between the cores. CrossTalk specifically allows the hackers to take the information stored in the CPU Line Fill Buffer, a temporary storage for memory shared by all CPU cores.
A proof of demonstration video published online shows how the research team can carry out the attack. The security experts stated that they have been working with Intel since September 2018 in order to address the issue.
Following the public disclosure of the threat and the posting of detailed information about CrossTalk Intel has released microcode Patches to address the issue. The company refers to the attacks under an alternative name, naming them Special Register Buffer Data Sampling. A security advisory has been posted under the ID of CVE-2020-0543, the corresponding Intel advisory is labeled as Intel-SA-00320.
As of writing this article no reported real-world exploits have been reported. It is advised that all owners of Intel processor equipped update their systems with the latest microcode patch.