BACK

TA18-141A: Side-Channel Vulnerability Variants 3a and 4

TA18-141A: Side-Channel Vulnerability Variants 3a and 4Original release date: May 21, 2018 | Last revised: May 22, 2018Systems Affected CPU hardware implementations Overview On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker …

  • 21 May 2018
2 min read
TA18-141A: Side-Channel Vulnerability Variants 3a and 4
Original release date: May 21, 2018 | Last revised: May 22, 2018Systems Affected CPU hardware implementations Overview On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Description Common CPU hardware implementations are vulnerable to the side-channel attacks known as Spectre and Meltdown. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware, affecting desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a CPU to reveal its data.Variant 3a is a vulnerability that may allow an attacker with local access to speculatively read system parameters via side-channel analysis and obtain sensitive information.Variant 4 is a vulnerability that exploits “speculative bypass.” When exploited, Variant 4 could allow an attacker to read older memory values in a CPU’s stack or other memory locations. While implementation is complex, this side-channel vulnerability could allow less privileged code toRead arbitrary privileged data; andRun older commands speculatively, resulting in cache allocations that could be used to exfiltrate data by standard side-channel methods.Corresponding CVEs for Side-Channel Variants 1, 2, 3, 3a, and 4 are found below:Variant 1: Bounds Check Bypass – CVE-2017-5753Variant 2: Branch Target Injection – CVE-2017-5715Variant 3: Rogue Data Cache Load – CVE-2017-5754Variant 3a: Rogue System Register Read – CVE-2018-3640  Variant 4: Speculative Store Bypass – CVE-2018-3639Impact Side-Channel Vulnerability Variants 3a and 4 may allow an attacker to obtain access to sensitive information on affected systems. Solution MitigationNCCIC recommends users and administratorsRefer to their hardware and software vendors for patches or microcode,Use a test environment to verify each patch before implementing, andEnsure that performance is monitored for critical applications and services.Consult with vendors and service providers to mitigate any degradation effects, if possible.Consult with Cloud Service Providers to mitigate and resolve any impacts resulting from host operating system patching and mandatory rebooting, if applicable.The following table contains links to advisories and patches published in response to the vulnerabilities. This table will be updated as information becomes available.Link to Vendor InformationDate AddedAMDMay 21, 2018ARMMay 21, 2018IntelMay 22, 2018MicrosoftMay 21, 2018RedhatMay 21, 2018References Google Project Zero Blog Bounds Check Bypass – CVE-2017-5753 Branch Target Injection – CVE-2017-5715 Rogue Data Cache Load – CVE-2017-5754 Rogue System Register Read – CVE-2018-3640 Speculative Store Bypass – CVE-2018-3639 TA18-004A – Meltdown and Spectre Side-Channel Vulnerability Guidance Revision History May 21, 2018: Initial version May 22, 2018: Added information and link to Intel in table This product is provided subject to this Notification and this Privacy & Use policy.
Source: US-CERT AlertsPublished on 2018-05-21
Blog Details
  • 21 May 2018

Newest Articles.

View all
  • 04 Mar 16

    Top 5 Recent Cyber-attacks/hacks and How They Could Relate to your Business.

    Read Article logo
  • 13 Mar 16

    Data leaks, how can they affect Sales and Business Integrity?

    Read Article logo
  • 20 Apr 16

    Common Cyber Security Threats Faced by Businesses and The Impacts

    Read Article logo
  • 11 May 16

    Regular Vulnerability Scans Assessments: Keeping You Safe

    Read Article logo

Get a Quote

Click below and we’ll send you a quote within 48 hours.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Contact Us

Click below and we’ll send you a quote within 48 hours.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Step 1 of 4 - Let’s get started

25%
  • Thanks for your interest in working with us. Please complete the details below and we’ll get back to you within one business day.

Buy Cyber Essentials

price-popup-pattern