A new CPU vulnerability affects all known computer architectures. The so-called GhostRace exploit makes it possible to steal data from the system memory of PCs with chips from Intel, AMD, Arm and IBM.
VUSec, the Systems & Network Security Group at the Dutch university VU Amsterdam, shares a detailed analysis of CVE-2024-2193. The group collaborated with IBM for the research.
The exploit bypasses protections against “race conditions,” in which the synchronization of system hardware occurs improperly. All cores and threads of a processor collectively address system resources, but must coordinate this to avoid issues. These problems can range from data corruption to exploitable vulnerabilities. So-called “speculative primitives” prevent race conditions from happening and vary by architecture.
Building on Spectre
GhostRace, the exploit of CVE-2024-2193, builds on the infamous Spectre vulnerability. In 2018, it was revealed that this security vulnerability allowed access to the allocated memory of other programs. It allowed malicious actors to manipulate “speculative execution,” the technique a CPU uses to perform calculations before the actual instruction has occurred.
The vulnerability plagued devices with chips from Intel, AMD, Apple and Arm, but is difficult to exploit. Meanwhile, browsers include mitigations against Spectre, significantly thinning the attack paths. However, virtually every x86 processor is still vulnerable.
It turns out that protection against race conditions always depends on an “if” statement. Attackers can therefore get around this implementation and manipulate the behaviour of the processor, the researchers state.
Everyone informed, but problem not easily solved
Because this allows an attacker to target the fundamental nature of microchips, preventing this type of attack is very difficult. Many end users never change their BIOS firmware even if a microcode update is available. In addition, mitigations against this type of vulnerability tend to lead to poorer performance. This was repeatedly seen in measures against Spectre, as was the case with Linux in 2018. A suggested protection method for the Linux kernel against GhostRace this time would result in a performance loss of about 5 percent.
Also read: Bug affects Linux systems: major risk to firmware