CacheOut is a new vulnerability in Intel processors
Security researchers at the University of Michigan have just disclosed details of vulnerabilities affecting multiple Intel processors. As a speculative execution attack, the CacheOut vulnerability numbered CVE-2020-0549 can be exploited to leak sensitive data with a medium risk level. As announced by Intel, “Referred to as L1D Eviction Sampling, the severity score is higher on this one because the attack complexity is lower and the ability to target specific data higher. This vulnerability has little to no impact in virtual environments that have applied L1 Terminal Fault mitigations.”
Unlike previous microarchitecture data sampling (MDS) issues, attackers can use this new vulnerability to select data to leak without having to wait for data to be available.
Researchers have proven that this attack can bypass almost all hardware-based security domains, including co-resident virtual machines, OS kernels, and even software protection extensions (SGX).
Intel plans to release microcode updates for the affected processors via the IPU platform in the near future. Interested users can view the full text of this issue.
The good news is that AMD chips are not affected by the CacheOut vulnerability.