GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

August 13, 2024 at 10:12AM

A team at the CISPA Helmholtz Center for Information Security uncovered the “GhostWrite” vulnerability in T-Head’s XuanTie C910 and C920 RISC-V CPUs, which allows attackers to gain unrestricted access to affected devices. The flaw lies in the vector extension, and full mitigation requires disabling half of the CPU’s functionality, which hurts performance, especially for parallel processing tasks. This revelation follows disclosures of flaws in Qualcomm’s Adreno GPU and of a long-standing flaw in AMD processors.

Key points:

1. Researchers from the CISPA Helmholtz Center for Information Security in Germany have identified a hardware vulnerability, codenamed GhostWrite, impacting T-Head’s XuanTie C910 and C920 RISC-V CPUs, allowing unprivileged attackers to gain unrestricted access to susceptible devices.
2. The vulnerability lies in the CPU’s vector extension: faulty instructions operate directly on physical memory rather than virtual memory, bypassing the process isolation enforced by the operating system and hardware.
3. Mitigation for GhostWrite involves disabling the entire vector functionality, severely impacting CPU performance and capabilities, with implications for tasks that benefit from parallel processing and handling large data sets.
4. Google’s Android Red Team disclosed more than nine flaws in Qualcomm’s Adreno GPU, which have been patched by the chipset maker.
5. A newly disclosed security flaw in AMD processors, dubbed Sinkclose, went undetected for nearly two decades. It potentially allows attackers with kernel-level access to elevate privileges, modify the configuration of System Management Mode (SMM), and install persistent malware.
6. AMD intends to release updates to Original Equipment Manufacturers (OEM) to mitigate the Sinkclose vulnerability.
