Software may be able to fix the ÆPIC CPU vulnerability. Increasingly complex architectures make such smooth processes a rarity, says David Fuhr.
Another processor vulnerability? With a fancy title and a silly “We’re so cool, we don’t need to be cool” logo? All right: yawn! Please move on, there is nothing to see here, switch to the next side channel.
Wait a moment! CVE-2022-21233 aka ÆPIC Leak, the latest scary thing from the guys who brought us Meltdown and Specter v1.x to v5 NG in the past, isn’t a side channel attack at all, but an “ordinary” vulnerability – a perfectly normal one uninitialized read even, the IT equivalent of “I sit down in the café for breakfast and am surprised that I still find crumbs from the guests in front of me”. And for that the great excitement in the digital press forest?
SGX enclaves easily readable
The tricky thing about ÆPIC Leak is not the vulnerability itself. Although this affects many current processors, it can only be exploited by privileged users. It would therefore be particularly relevant for the cloud area – if VMs had access to the Advanced Programmable Interrupt Controller (APIC). But be careful: SGX enclaves can be easily read, which means another blow to the Trusted Execution Environments, which Intel has already discontinued for client systems.
The piquant thing is that it is essentially a “software bug” in hardware: modern CPUs have become so powerful that their hardware, microarchitecture and even the one level more abstract architecture behave as complex as software. And so inherit the opportunity for all sorts of vulnerabilities that we previously thought only software capable of.
What leaks? We run AI models in apps on containers in VMs on hypervisors in OSs implemented in microcode on architectures by microarchitectures – and collect complexity debt at every level, all the way down. Wonderful “weird machines” can be constructed from this lasagna layering, virtual computers within computers that attackers can completely control purely through bugs. Because in the cracks of the abstraction levels there are certainly still hundreds of weak points (categories).
The security house of cards falls
If we stack the main enemy of security, complexity, on top of each other like a house of cards, we shouldn’t be surprised at such own goals – and in the present case we can count ourselves lucky that it is an architectural bug that is caused by software (microcode in the processor ) can be absorbed, albeit at the expense of performance. It’s not always going to be cheap.
The crucial question for the future will be whether we are making faster progress with the development of engineering and security methods than we manage to accumulate new complexity debts. In this case, I am exceptionally in favor of a debt brake.
