Researchers Break Intel SGX With New ‘SmashEx’ CPU Attack Technique
A newly discovered vulnerability in Intel’s SGX technology can be used by hackers to gain access to delicate data saved in digital vaults and even run arbitrary code on vulnerable systems.
The group of academics from the National University of Singapore, Chinese National University of Defense Technology, and ETH Zurich discovered this vulnerability in May 2021, who used it to stage a data disclosure attack called “SmashEx” that can corrupt private data in the digital vaults and break its integrity.
SGX short for “Software Guard Extensions” enables applications to execute code protect secrets inside their own trusted execution environment, giving developers direct control over their application security. SGX is designed to protect application secrets from malicious software. It prevents software attacks even when the Application, Operating System, and BIOS are compromised. The secret remains protected even when the attacker has full control over the platform.
The SGX design allows the OS to interrupt the enclave execution through configurable hardware exceptions at any point, for normal functioning.
The researchers outlined “This feature enables enclave runtimes (e.g., Intel SGX SDK and Microsoft Open Enclave) to support in-enclave exception or signal handling, but it also opens up enclaves to reentrancy bugs. “SmashEx” is an attack that exploits enclave SDKs that do not carefully handle reentrancy in their exceptional handling safely”
There are OCALLS or Outside Calls which allow enclave functions to call out to the untrusted application and then return to the enclave. When the in-enclave exceptions are handled by the enclave (e.g., division-by-zero or timer interrupt), the vulnerability provides a short span of time for a local attacker to hijack the control flow of execution by injecting an asynchronous exception immediately after the enclave is entered.
With this capability, the in-enclave memory can be corrupted by the hacker to leak sensitive data like RSA private keys or execute malicious code.
Since SmashEx affects runtimes that support in-enclave exception handling, the researcher noted that “such OCALL return flow and the exception handling flow should be written with care to ensure that they interleave safely” and that “when the OCALL return flow is interrupted, the enclave should be in a consistent state for the exception handling flow to progress correctly, and when the exception handling flow completes, the enclave state should also be ready for the enclave to resume.”
To mitigate this vulnerability with SGX SDK versions 2.13 and 2.14, Intel has released software updates for Windows and Linux respectively. Microsoft, for its part, addressed the issue (CVE-2021-33767) in its July 2021 Patch Tuesday updates with Open Enclave version 0.17.1 of the SDK. The analysis team’s results are anticipated to be offered the following month at the ACM Meeting on Personal computer and Communications Security.
“Asynchronous exception handling is a commodity functionality for real-world applications today, which are increasingly utilizing enclaves,” the researchers said, adding the research highlights “the importance of providing atomicity guarantees at the OS-enclave interface for such exceptions.”