CVE Vulnerabilities

CVE-2023-38575

Non-Transparent Sharing of Microarchitectural Resources

Published: Mar 14, 2024 | Modified: May 04, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
5.5 MODERATE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Ubuntu
MEDIUM

Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.

Weakness

Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts.

Affected Software

Name Vendor Start Version End Version
Intel-microcode Ubuntu bionic *
Intel-microcode Ubuntu esm-infra-legacy/trusty *
Intel-microcode Ubuntu esm-infra/bionic *
Intel-microcode Ubuntu esm-infra/xenial *
Intel-microcode Ubuntu focal *
Intel-microcode Ubuntu jammy *
Intel-microcode Ubuntu mantic *
Intel-microcode Ubuntu trusty *
Intel-microcode Ubuntu trusty/esm *
Intel-microcode Ubuntu xenial *
Red Hat Enterprise Linux 9 RedHat microcode_ctl-4:20240910-1.el9_5 *

Extended Description

Modern processors use techniques such as out-of-order execution, speculation, prefetching, data forwarding, and caching to increase performance. Details about the implementation of these techniques are hidden from the programmer’s view. This is problematic when the hardware implementation of these techniques results in resources being shared across supposedly isolated contexts. Contention for shared resources between different contexts opens covert channels that allow malicious programs executing in one context to recover information from another context. Some examples of shared micro-architectural resources that have been used to leak information between contexts are caches, branch prediction logic, and load or store buffers. Speculative and out-of-order execution provides an attacker with increased control over which data is leaked through the covert channel. If the extent of resource sharing between contexts in the design microarchitecture is undocumented, it is extremely difficult to ensure system assets are protected against disclosure.

Potential Mitigations

References