Zombieload: New vulnerability in Intel CPUs

[German]Security researchers have uncovered a new vulnerability in Intel CPUs. The vulnerability, called Zombieload, can be exploited by speculative side-channel attacks (such as Meltdown and Spectre) and will affect Intel processors from 2011.


The list of speculative side-channel attacks known with Meltdown and Spectre since early 2018 is actually getting longer every month. Security researchers are constantly finding modified attack methods to exploit vulnerabilities and tap into CPU information.

The Zombieload vulnerability

The new class of vulnerabilities found by security researchers only affects Intel chips since 2011. If these vulnerabilities are exploited, third parties can access sensitive information directly via the information from the processor.

(Source: Pexels Fancycrave CC0 License)

The exploited attack method is reminiscent of the Meltdown and Spectre methods, which exploited a weakness in the speculative execution of processors to access data. Speculative command execution is an important part of the way modern processors work. Speculative execution allows processors to predict to some extent what an application or operating system might need next and in the near future. This is used to optimize program flow, and discards instructions when they are not needed in the program flow. However, this speculative command execution can also be misused to access information that is otherwise inaccessible to processes via preloaded commands.

This is a security problem, as unauthorized sensitive information about the vulnerabilities of the CPU can be extracted. Zombieload is now a new method for such attacks that has been rediscovered by security researchers at Graz University of Technology. In the meantime, there is the page  zombieloadattack.com with information about this attack.


Vendors offering security updates

Intel classifies the vulnerability as moderate, but has released security information Microarchitectural Data Sampling Advisory (Intel-AS-00233). It describes the details of the vulnerabilities CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130. The newly discovered vulnerability, however, is shaking the industry quite a bit. The industry is responding by May 14, 2019 with security updates and solutions to patch the vulnerability.

Articles on the zombieload vulnerability can also be found at Techchrunch. There is a video included which shows how easy it is to catch a password with the attack method. More may be found at Bleeping Computer in the articles List of MDS Speculative Execution Vulnerability Advisories & Updates and New RIDL and Fallout Attacks Impact All Modern Intel CPUs.

Cookies helps to fund this blog: Cookie settings

This entry was posted in devices, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *