Security Advisory – Meltdown & Spectre information leakage attacks

January 5, 2018

Summary: A novel side-channel information leakage attack was made public this week which leverages the speculative execution features inherent within most modern processors, including those from Intel, AMD, and ARM. Several instantiations of this attack, known as Meltdown and Spectre, have been detailed by the Google Project Zero team. These vulnerabilities enable an attacker with local execution context to potentially infer (but not modify) the contents of memory across security boundaries which they would otherwise not be able to access. In particular, an attacker with user-level execution capabilities can utilize these attacks to access memory in other processes, the OS kernel, virtual machines, and hypervisor memory. Mitigations to the attacks are currently being implemented within multiple operating systems, including Star Lab’s Crucible product suite.

Impact: Most operating systems and hypervisors are vulnerable to the chip-level vulnerabilities detailed in the Meltdown and Spectre reports. Star Lab’s Crucible┬« secure embedded virtualization product is built upon the Xen Project hypervisor, and benefits from the mitigations being implemented within Xen. Star Lab’s LURE Linux Hardening product is only susceptible to the Meltdown and Spectre vulnerabilities to the same degree as the host Linux kernel. Protections for the Linux kernel include the KPTI build option from the KAISER patchset, the Retpoline construct proposed by Google, and recompiling the kernel and security-sensitive processes to remove bytecode interpreters and JIT engines.

Response: The open-source community continues to lead in responsiveness to this emerging threat – with expedient and effective mitigations to these chip-level security issues. Star Lab is in the process of updating both Crucible and LURE to mitigate the impact of the Meltdown and Spectre attacks. A product security advisory containing specific technical details of the mitigations being implemented and deployed within both products is available to current Star Lab customers.