Malicious race conditions enable an unauthorized expansion of rights in the system on AMD and Intel processors. Race conditions are constellations in which the result of an operation depends on the time-scheduled execution of certain other operations. Attackers can manipulate them to their advantage.
Advertisement
Intel lists the CVE number as CVE-2023-32282 on its advisory website a high Risk (CVSS score 7.2), but also indicates that attackers need local access to the system. The 10th, 11th and 12th Core i generations, Celeron and Pentium processors from this time as well as older Atom models are affected. Motherboard manufacturers should promptly distribute BIOS updates that close the security gap.
AMD hardly gives any details on its own website about the security vulnerability under the CVE number CVE-2024-2193. Behind this is a discovery by the VUSec group and IBM Research Europe, who have named the attack vector Speculative Race Conditions (SRCs) or Ghostrace.
New Specter V1 trick
In principle, all CPU manufacturers and instruction sets such as x86 and ARM should be affected. The VUSec writes about this:
“Race conditions occur when multiple threads attempt to access a shared resource without proper synchronization, often resulting in use-after-free vulnerabilities. To mitigate their occurrence, operating systems rely on synchronization mechanisms such as mutexes, Spinlocks and so on.”
“Our key finding is that all common synchronization mechanisms implemented with conditional branches can be microarchitecturally bypassed in speculative paths using a Specter v1 attack, turning all architecturally race-free critical regions into speculative race conditions (SRCs). , which allow attackers to read information from the target software.”
According to AMD, the measures taken against Specter V1 so far are sufficient to protect against Ghostrace attacks. Further BIOS updates are therefore not necessary.
Other security gaps have little or no impact on end users. CVE-2023-32666 (CVSS Score 7.2, High) describes the possibility of abusing a debug interface for privilege escalation on Intel’s Sapphire Rapids generation Xeon processors. Two additional security vulnerabilities (CVE-2023-28746, CVE-2023-38575) only have a medium risk and can only be exploited with local access.
(mma)