New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as opposed to a side-channel or transient execution attack.
“This vulnerability allows unprivileged attackers, even those with limited access, to read and write any part of the computer’s memory and to control peripheral devices like network cards,” the researchers said. “GhostWrite renders the CPU’s security features ineffective and cannot be fixed without disabling around half of the CPU’s functionality.”
CISPA found that the CPU has faulty instructions in its vector extension, an add-on to the RISC-V ISA designed to handle larger data values than the base Instruction Set Architecture (ISA).
These faulty instructions, which the researchers said operate directly on physical memory rather than virtual memory, could bypass the process isolation normally enforced by the operating system and hardware.
As a result, an unprivileged attacker could weaponize this loophole to write to any memory location and sidestep security and isolation features to obtain full, unrestricted access to the device. It could be also be leak any memory content from a machine, including passwords.
“The attack is 100% reliable, deterministic, and takes only microseconds to execute,” the researchers said. “Even security measures like Docker containerization or sandboxing cannot stop this attack. Additionally, the attacker can hijack hardware devices that use memory-mapped input/output (MMIO), allowing them to send any commands to these devices.”
The most effective countermeasure for GhostWrite is to disable the entire vector functionality, which, however, severely impacts the CPU’s performance and capabilities as it turns off roughly 50% of the instruction set.
“Luckily, the vulnerable instructions lie in the vector extension, which can be disabled by the operating system,” the researchers noted. “This fully mitigates GhostWrite, but also fully disables vector instructions on the CPU.”
“Disabling the vector extension significantly reduces the CPU’s performance, especially for tasks that benefit from parallel processing and handling large data sets. Applications relying heavily on these features may experience slower performance or reduced functionality.”
The disclosure comes as the Android Red Team at Google revealed more than nine flaws in Qualcomm’s Adreno GPU that could permit an attacker with local access to a device to achieve privilege escalation and code execution at the kernel level. The weaknesses have since been patched by the chipset maker.
It also follows the discovery of a new security flaw in AMD processors that could be potentially exploited by an attacker with kernel (aka Ring-0) access to elevate privileges and modify the configuration of System Management Mode (SMM or Ring-2) even when SMM Lock is enabled.
Dubbed Sinkclose by IOActive (aka CVE-2023-31315, CVSS score: 7.5), the vulnerability is said to have remained undetected for nearly two decades. Access to the highest privilege levels on a computer means it allows for disabling security features and installing persistent malware that can go virtually under the radar.
Speaking to WIRED, the company said the only way to remediate an infection would be to physically connect to the CPUs using a hardware-based tool known as SPI Flash programmer and scan the memory for malware installed using SinkClose.
“Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution,” AMD noted in an advisory, stating it intends to release updates to Original Equipment Manufacturers (OEM) to mitigate the issue.