
Report details ÆPIC Leak security vulnerabilities affecting Intel’s 10/11/12 generation Core processors


Side-channel attacks against Intel and AMD x86 CPUs have intensified in recent years following the disclosure of the Spectre and Meltdown vulnerabilities. On Tuesday, Intel released microcode update 20220809 to patch the Intel-SA-00657 security vulnerability, which affects a large number of processors, including 10th, 11th, and 12th generation Core models. Shortly afterwards, a detailed analysis of the vulnerability was published.

The vulnerability is called ÆPIC Leak, named after the Advanced Programmable Interrupt Controller (APIC), which handles interrupt requests. It is the first CPU architecture-level sensitive data disclosure vulnerability.

On most 10th, 11th, and 12th generation Core processors, the APIC MMIO region does not properly restrict what a read returns, so stale data from the cache hierarchy can be handed back to the reader.

Compared to transient execution attacks such as Spectre and Meltdown, the ÆPIC Leak vulnerability is much closer to the architecture level — sensitive data can be leaked directly, without relying on any noisy side channels.

In other words, ÆPIC Leak behaves like an uninitialized memory read inside the CPU itself. Fortunately, access to APIC MMIO requires elevated privileges (administrator or root), so most systems are not directly affected by this vulnerability.

On the other hand, systems that rely on Intel Software Guard Extensions (SGX) to protect data from privileged attackers are at greater risk, which is a key reason why Intel is aggressively pushing CPU microcode patches.

A proof-of-concept demo of the vulnerability has been open-sourced on GitHub by Graz University of Technology. Intel became aware of the issue in December 2021 and assigned it the Common Vulnerabilities and Exposures identifier CVE-2022-21233.

Finally, if you have not yet deployed the 20220809 CPU microcode update, you can temporarily avoid exploits based on this vulnerability by disabling APIC MMIO or by not using SGX.
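
A Linux host check for the two conditions the article ties together, SGX availability and APIC MMIO access, written as an added example (not code from Intel or the researchers). It assumes that "disabling APIC MMIO" means running the local APIC in x2APIC mode, indicated by bit 10 of the IA32_APIC_BASE MSR; the function names and sample values are constructed for illustration.

```python
import glob

IA32_APIC_BASE = 0x1B   # MSR with the local APIC enable and mode bits
APIC_EN = 1 << 11       # bit 11: APIC globally enabled
APIC_EXTD = 1 << 10     # bit 10: x2APIC mode (registers via MSRs, no MMIO page)

# Constructed sample data, not taken from a real machine.
SAMPLE_CPUINFO = "processor\t: 0\nmicrocode\t: 0x1\nflags\t\t: fpu apic x2apic sgx sgx_lc\n"
SAMPLE_MSRS = {0: 0xFEE00900, 1: 0xFEE00C00}   # core 0: xAPIC (MMIO), core 1: x2APIC

def apic_mode(msr_value):
    """Classify the local APIC mode from an IA32_APIC_BASE value."""
    if not msr_value & APIC_EN:
        return "disabled"
    return "x2apic" if msr_value & APIC_EXTD else "xapic-mmio"

def parse_cpuinfo(text):
    """Return (microcode revision, sgx flag present) from the first CPU entry."""
    microcode, sgx = None, False
    for line in text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "microcode" and microcode is None:
            microcode = value.strip()
        elif key.strip() == "flags":
            sgx = "sgx" in value.split()   # exact match, so sgx_lc alone does not count
            break
    return microcode, sgx

def assess(msr_values, cpuinfo_text):
    """Report the microcode revision, SGX availability and cores still in MMIO mode."""
    microcode, sgx = parse_cpuinfo(cpuinfo_text)
    mmio = [c for c, v in sorted(msr_values.items()) if apic_mode(v) == "xapic-mmio"]
    # The article lists no per-CPU fixed revisions, so the revision is only reported.
    return {"microcode": microcode, "sgx": sgx, "mmio_cores": mmio,
            "review": sgx and bool(mmio)}

def read_live_msrs():
    """Read IA32_APIC_BASE per core from /dev/cpu/N/msr (Linux, root, msr module)."""
    values = {}
    for path in glob.glob("/dev/cpu/[0-9]*/msr"):
        with open(path, "rb", buffering=0) as f:   # unbuffered: exactly one 8-byte read
            f.seek(IA32_APIC_BASE)
            values[int(path.split("/")[3])] = int.from_bytes(f.read(8), "little")
    return values

if __name__ == "__main__":
    print(assess(SAMPLE_MSRS, SAMPLE_CPUINFO))
```

On a live host, pass `read_live_msrs()` and the contents of `/proc/cpuinfo` to `assess()` and compare the reported microcode revision against Intel's advisory for that CPU model.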
