CVE-2017-5754 (Meltdown, Variant 3, Rogue Data Cache Load) is a microprocessor vulnerability that allows an attacker to overcome all memory isolation mechanisms offered by the microprocessor by causing it to speculatively execute code out-of-order that loads inaccessible information which end up changing the cache state of the microarchitecture, thereby leaking information through side-channel timing analysis.
Contents
Overview[edit]
Rogue Data Cache Load leverages the speculative execution out-of-order behavior of the microprocessor in order to cause some code to expose more information than intended. Specifically, Meltdown breaks the basic memory isolation assumptions that's used by the operating system to manage the virtual memory of each process.
Consider the following code.
char val = *(char *)0xAAAAA;
When executed, this line will likely cause a segmentation fault due an access restriction violation. However, the microprocessor can continue to execute subsequent code out-of-order while memory reference is being resolved (including TLB lookup and page table walk, if necessary) - processor does not wait for it to complete. In Meltdown-affected processors, the speculative execution happens even if data reference points to an existing, but privileged memory area - the "val" is speculatively available to subsequent speculative instructions.
Example[edit]
Consider the following (simplified) code.
char probeTable[256] = {0}; /* op 1 */
/* ... */
char val = *(char *)0xAAAAA; /* op 2 */
char temp = probeTable[val]; /* op 3 */
Consider what happens when operation 2 is executed. The microprocessor performs the load. If address 0xAAAAA points to OS kernel data, access will not be allowed - but this can only be known after page tables are examined. While this happens, the microprocessor will speculatively execute op 3 while memory load in op 2 did not reach the retire stage. When op 2 is retired, exception is raised and speculative execution results are dropped.
However, if probeTable
was uncached, the code in op 3 caused a cache miss, resulting the microprocessor going and grabbing the value from main memory. By measuring time to read each probeTable[i] element, we can determine which element is cached now. From this, we can infer the value of "val".
This method can then be used repeatedly to read a larger part of memory.
Affected Processors[edit]
Below is a list of known affected processors, alphabetized. This is NOT en exhaustive list but rather the ones we were able to verify.
List of Processors affected by Meltdown | ||
---|---|---|
Designer | Processor/Architecture | Related Notes |
Apple | Swift (A6/A6X) | Post Post |
Cyclone (A7) | ||
Typhoon (A8/A8X) | ||
Twister (A9/A9X) | ||
Hurricane (A10/A10X) | ||
Monsoon (A11/A11X) | ||
ARM | Cortex-A15 | Post |
Cortex-A57 | ||
Cortex-A72 | ||
Cortex-A75 | ||
Intel | Nehalem | |
Westmere | ||
Sandy Bridge | Post | |
Ivy Bridge | ||
Haswell | ||
Broadwell | ||
Skylake | ||
Kaby Lake | ||
Coffee Lake |
This list is incomplete; you can help by expanding it.
Proof-of-Concept[edit]
- Meltdown Proof-of-Concept - https://github.com/IAIK/meltdown
See also[edit]
- CVE-2017-5753, Spectre, Variant 1
- CVE-2017-5715, Spectre, Variant 2
References[edit]
- Lipp, Moritz, et al. "Meltdown." arXiv preprint arXiv:1801.01207 (2018).
- "CVE-2017-5754", https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754