[ hyper-v  cpu-scheduler  server-2016  server-2019  ]

A new vulnerability has just landed for Intel CPUs that are still using Simultaneous Multithreading (SMT): CVE-2018-5407, commonly known as PortSmash.

PortSmash joins an ever-lengthening list of vulnerabilities for CPUs using SMT.

  • Meltdown
  • Spectre
  • TLBleed
  • Foreshadow

PortSmash works by detecting port contention. An exploit can then use this contention to construct a timing side-channel attack.

The reporters, Billy Brumley and team, have already created a proof-of-concept exploit for this vulnerability. Their PoC was able to successfully steal a private key from OpenSSL running on Ubuntu 18.04. They could then use this key to decrypt sensitive data.

This additional vulnerability continues to highlight the importance of disabling SMT within your environment, as this is the only fix.

I’ve reviewed some further Hyper-V CPU schedulers that Microsoft have released to aid with this style of attack, for Hyper-V workloads.
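
To check where a host stands on the SMT advice above, here is an added example (not from the original post): a PowerShell function, run locally in an elevated session on a Hyper-V host, that reports whether SMT is active and which hypervisor scheduler is in use. The function name is hypothetical, and the scheduler type mapping (event ID 2 from the Microsoft-Windows-Hyper-V-Hypervisor provider) comes from Microsoft's Hyper-V scheduler documentation rather than from this page.

```powershell
# Added example: run locally on the Hyper-V host (management OS), elevated.
function Get-SmtExposure {
    [CmdletBinding()]
    param()

    # Sum across all sockets. SMT is active when the OS sees more
    # logical processors than physical cores.
    $totals = Get-CimInstance -ClassName Win32_Processor |
        Measure-Object -Property NumberOfCores, NumberOfLogicalProcessors -Sum
    $cores   = ($totals | Where-Object Property -eq 'NumberOfCores').Sum
    $logical = ($totals | Where-Object Property -eq 'NumberOfLogicalProcessors').Sum

    # The hypervisor logs its scheduler type at launch as event ID 2,
    # with the type given as a hex value in the message text.
    $schedulerNames = @{
        1 = 'Classic scheduler, SMT disabled'
        2 = 'Classic scheduler'
        3 = 'Core scheduler'
        4 = 'Root scheduler'
    }
    $scheduler = 'Hypervisor launch event not found'
    $logEntry = Get-WinEvent -FilterHashtable @{
        ProviderName = 'Microsoft-Windows-Hyper-V-Hypervisor'
        Id           = 2
    } -MaxEvents 1 -ErrorAction SilentlyContinue

    if ($logEntry -and $logEntry.Message -match '0x([0-9A-Fa-f]+)') {
        $type = [Convert]::ToInt32($Matches[1], 16)
        if ($schedulerNames.ContainsKey($type)) {
            $scheduler = $schedulerNames[$type]
        } else {
            $scheduler = "Unknown type (0x$($Matches[1]))"
        }
    }

    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        PhysicalCores       = $cores
        LogicalProcessors   = $logical
        SmtEnabled          = $logical -gt $cores
        HypervisorScheduler = $scheduler
    }
}

Get-SmtExposure
```

A host that reports `SmtEnabled = True` together with `Classic scheduler` is the combination to prioritise when reviewing SMT exposure.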