After LVI-LFB, Intel Processors Affected by New Snoop Vulnerability

  • It is a variant of a domain-bypass transient execution vulnerability.
  • The vulnerability, tracked as CVE-2020-0550, has been assigned a CVSS score of 5.6.

Intel processors are vulnerable to a newly found vulnerability that can cause a leak of data from the CPU’s internal memory. Tracked as ‘Snoop-assisted L1 Data Sampling’, the vulnerability takes advantage of CPU mechanisms like multiple cache levels, cache coherence, and bus snooping.

More details about the vulnerability
Described by Intel, the new ‘Snoop-assisted L1 Data Sampling’ is a variant of a domain-bypass transient execution attack. The vulnerability has been assigned CVE-2020-0550 with a CVSS score of 5.6.

Impact
Intel reports that under certain conditions, malicious code could tap into the bus snooping operation and trigger errors that cause the leak of data from the cache coherence process -- currently being modified in the L1D cache.

“On certain processors and under certain conditions, data in a modified cache line that is being returned in response to a snoop may also be forwarded to a faulting, microarchitectural assist, or Intel® Transactional Synchronization Extensions (Intel® TSX) asynchronous aborting load operation to a different address that occurs simultaneously,” explains Intel in a blog post.

A list of Intel processors impacted by the issue is available here. The list includes Intel series like Core and Xeon processors.

How to mitigate?
The CPU maker has concluded that patches released in August 2018 to address the Foreshadow (L1TF) vulnerability can effectively fix the issue.

However, the primary downside of this vulnerability is that it is hard to pull off and does not return large quantities of data.