Beware: Intel 10th, 11th, 12th Gen CPUs have ÆPIC flaw that does not need side channels

Intel logo written on red PCB design on a black background

A new security flaw dubbed "SQUIP" has hit AMD Zen and Apple M1 CPUs recently that exploits the multiple schedulers. Intel does not employ such a technique and hence is invulnerable to this particular side-channel attack.

However, Team Blue has also been found to be under threat from another CPU flaw that does not need side channel attack surface. The new flaw dubbed "ÆPIC" exploits the Advanced Programmable Interrupt Controller (APIC) registers via memory-mapped I/O (MMIO) and upon successful exploitation, a threat actor can read privileged information on a compromised system.

And so, although most systems can go unaffected by this, the researchers have warned against systems that use Intel Software Guard Extensions (SGX) as it is a privileged software and can expose data similar to how it has done during previous vulnerabilities.

Here's how the security researchers have described ÆPIC:

ÆPIC Leak is the first CPU bug able to architecturally disclose sensitive data. It leverages a vulnerability in recent Intel CPUs to leak secrets from the processor itself: on most 10th, 11th and 12th generation Intel CPUs the APIC MMIO undefined range incorrectly returns stale data from the cache hierarchy.

[...]

A privileged attacker (Administrator or root) is required to access APIC MMIO. Thus, most systems are safe from ÆPIC Leak. However, systems relying on SGX to protect data from privileged attackers would be at risk, thus, have to be patched.

Intel has assigned the ID "CVE-2022-21233" to track the issue. It potentially affects all Intel CPUs 10th Gen Ice Lake and newer, that use the new Sunny Cove core.

Source: ÆPIC Leak via Intel

Report a problem with article
Next Article

Microsoft claims Sony fighting increased competition by opposing Activision deal

An AMD Ryzen processor inside its socket
Previous Article

Beware: Almost all AMD Ryzen chips found vulnerable to side-channel SQUIP attacks

24 Comments - Add comment

Advertisement