PortSmash – A newly discovered Intel Vulnerability!

Recently, a team of researchers have reported a serious vulnerability in Intel processor units which a potential attacker could exploit in order to access and steal encrypted data from the targeted device due to the use of the simultaneous multi-threading feature in Intel CPUs. The codename of the vulnerability is Port-Smash and it has been discovered by cyber security experts at the Technical University of Havana in Cuba and at the Tampere University of Technology, Finland.

Simultaneous multi-threading

The main reason for the existence of the Port-Smash vulnerability is the use of the simultaneous multi-threading (SMT) feature in Intel CPUs. This is a technology which “splits” a given physical core into virtual ones (threads) which makes it possible for each physical core to process two instruction streams simultaneously. However, this allows for one of the processes to have a quite a lot of access to the other process run in the same physical core which is what is the core reason behind the Port-Smash vulnerability.

With the use of this vulnerability, a hacker might be able to use a malicious process to easily access data from a targeted victim process that runs alongside the malicious one within the same core.  

Targeted data

The Port-Smash vulnerability could/might mainly be used to acquire private encryption keys and then use them to access data which is protected by encryption on the targeted PC. The researchers at GitHub have have attempted to test this vulnerability’s applicability and, through it, have managed to steal a private OpenSSL decryption key through a malicious process used to target an OpenSSL “victim” thread.

This, however, is only one example of how this vulnerability could be used. Port-Smash has been confirmed to work on Skylake and Kaby Lake Intel processors but researchers suspect that this vulnerability might also be present and work on other CPUs that use SMT architecture such as AMD, for example.

Protection

The researchers who have discovered the vulnerability have reported it to Intel at the beginning of the last month but Intel are yet to release a security patch that would fix the issue. Due to the lack of a security patch for the Port-Smash vulnerability, the researchers have released a public report on the exploit. A detailed analysis of the issue is also set to be released sometime in the near feature.

As far as protecting your PC against a potential attack that might use this vulnerability against you to access and/or steal sensitive data from you, the best precaution is to disable your CPU’s SMT/Hyper-threading until a security patch is released by Intel that would take care of the issue. Note, though, that this is only a temporary measure and the actual fix should be installing the new security patch from Intel so make sure to do that once it gets released and after that re-enable the SMT on your processor. For concerned AMD users, there’s currently an ongoing by researchers at AMD in order to determine if the same exploit would work for their processors as well.


Leave a Comment