#VU15723 Side-channel attack in Kaby Lake and Intel Skylake
Vulnerability identifier: #VU15723
Vulnerability risk: Low
CVSSv3.1: 4.4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-208
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Kaby Lake
Hardware solutions /
Firmware
Intel Skylake
Hardware solutions /
Firmware
Vendor: Intel
Description
The vulnerability allows a physical attacker to obtain potentially sensitive information.
The vulnerability exists due to due to execution of engine sharing on SMT (e.g.Hyper-Threading) architectures when improper handling of information by the processor. A physical attacker can construct a timing side channel to hijack information from processes that are running in the same core.
Note: the vulnerability has been dubbed as PortSmash microarchitecture bug.
Mitigation
Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versions
Kaby Lake: All versions
Intel Skylake: All versions
External links
http://github.com/bbbrumley/portsmash
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
