Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Security Management //

Patch Management

5/4/2018
09:35 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now
50%
50%

'Spectre NG' Flaws Reportedly Found in Intel Chips

A German magazine is reporting that 'Spectre Next Generation' vulnerabilities have been found in Intel's x86 processors, although full details are not being released yet.

Get ready for a new generation of Spectre vulnerabilities to appear in x86 chips.

On May 3, German magazine c't published a report that claims researchers have found eight new security flaws in Intel processors that are being tentatively called "Spectre Next Generation" or "Spectre NG."

Several teams of security researchers have reported the new Spectre-like vulnerabilities to Intel, although the technical details of these flaws are being withheld right now, according to the report. The story also claims that Intel is working on patches to address these new sets of hardware issues.

Once again, it appears that Google Project Zero, the search company's security division, has been aware of at least one of these flaws. The Google team alerted Intel to the Spectre and Meltdown side-channel vulnerabilities in 2017, before additional details were released by university researchers in January. (See Meltdown & Spectre News Gets Worse – & Better.)

In addition to Intel, c't reports that these flaws could also affect AMD and ARM processors as well.

While the technical details are being withheld to give the companies involved time to respond and issue patches and fixes, the magazine reported that the Spectre NG flaws work in the same manner as the original Spectre and Meltdown vulnerabilities.

The new set of flaws were discovered through the Common Vulnerability Enumerator (CVE), which is an industry repository of known cybersecurity vulnerabilities that contains identification numbers, descriptions and public references. Intel appears to have labeled at least four of the next-generation flaws as "high-risk." The other four are deemed moderate.

It is also likely, according to the report, that each of the eight vulnerabilities will require their own patch.

For its part, Intel is remaining quiet about the report, although a note published on the company's website on Thursday seems to hint that the chip maker is aware of new vulnerabilities and is working to fix the issues.

"We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers," according to Intel's post. "We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date."


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

When the original Spectre and Meltdown flaws were disclosed at the beginning of this year, researchers reported that by manipulating pre-executed commands within x86 chips, which help make data available faster, hackers can gain access to the content of the kernel memory. The security issue is that this flaw can allow a hacker to gain access to encryption keys and other authentication details of whatever system the CPU is running in.

Since that time, Intel has been issuing patches and promising to do a better job of alerting the community to security flaws, although the company recently admitted that some chips will never get Spectre and Meltdown fixes. (See Intel Will Leave Some Chips Without Spectre Patch.)

What makes the original Spectre and Meltdown particularly tricky to fix is the fact there are variations to each flaw. Specifically, Spectre has two different issues called Variant 1 and Variant 2. In the case of Variant 2, the flaw is the harder one to exploit by attackers but also the more difficult to fix. (See 5 New Network Attack Techniques That Will Keep You Awake at Night.)

Related posts:

— Scott Ferguson is the managing editor of Light Reading and the editor of Security Now. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/1/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Threat from the Internet--and What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15478
PUBLISHED: 2020-07-01
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors.
CVE-2020-6261
PUBLISHED: 2020-07-01
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired.
CVE-2020-15471
PUBLISHED: 2020-07-01
In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.
CVE-2020-15472
PUBLISHED: 2020-07-01
In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.
CVE-2020-15473
PUBLISHED: 2020-07-01
In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.