On 12th November 2019, Intel® disclosed a potential security vulnerability which affects a number of Intel® Processors. The hardware flaw affects server memory and may allow for unexpected reloads of a device (DoS attack) if unmitigated.
Reported as a new variant of the Zombieload attack discovered earlier this year, this new flaw is said to target Intel’s latest family of chips, Cascade Lake.
CVE-2018-12207 is a vulnerability in the way Intel® CPUs handle memory. If exploited by an authenticated user, it can cause your server or hardware node to unexpectedly reboot, which would effectively take that part of the solution offline for a period of time.
“The vulnerability enables the improper page table invalidation for page table updates by a virtual guest operating system for multiple Intel® platforms. This may allow an authenticated user to potentially enable temporary denial of service of the host system via local access.
“In certain virtualised environments, malicious actors with Ring-0/administrative privileges in a guest OS may potentially leverage this issue to mount a temporary DoS attack by utilising published errata for Instruction fetch.
“A potential attack may result in a fatal MCE (machine check) (IA32_MCi_STATUS.MSCOD=00FH), (IA32_MCi_STATUS.MCACOD=0150H) in the host machine and be seen as host platform reset.”
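The machine-check signature quoted above can be searched for in host hardware-error logs. The following is an added example, not code from Intel® or UKFast: it decodes IA32_MCi_STATUS values using the architectural field layout (VAL in bit 63, MSCOD in bits 31:16, MCACOD in bits 15:0) and flags the MSCOD=00FH / MCACOD=0150H pair. The log line shape and the sample values are constructed assumptions; adjust the regular expressions to your collector's output.

```python
import re

# IA32_MCi_STATUS field layout (architectural MCA, Intel SDM):
# bit 63 VAL, bit 61 UC, bit 57 PCC, bits 31:16 MSCOD, bits 15:0 MCACOD.
MSCOD_SIG = 0x000F   # MSCOD=00FH, from the quoted advisory text
MCACOD_SIG = 0x0150  # MCACOD=0150H, from the quoted advisory text

# Assumed log shape: "... Bank <n> STATUS <hex> ..." (constructed, not a real tool's format).
STATUS_RE = re.compile(r"\bSTATUS\s+(?:0x)?([0-9a-fA-F]{1,16})\b")
BANK_RE = re.compile(r"\bBank\s+(\d+)")

def decode_status(status):
    """Split a 64-bit IA32_MCi_STATUS value into the fields used here."""
    return {
        "valid": bool((status >> 63) & 1),
        "uncorrected": bool((status >> 61) & 1),
        "context_corrupt": bool((status >> 57) & 1),
        "mscod": (status >> 16) & 0xFFFF,
        "mcacod": status & 0xFFFF,
    }

def matches_advisory(status):
    """True when a valid record carries the MSCOD/MCACOD pair from the advisory."""
    f = decode_status(status)
    return f["valid"] and f["mscod"] == MSCOD_SIG and f["mcacod"] == MCACOD_SIG

def scan(lines):
    """Return (line_number, bank, status) for each matching log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        m = STATUS_RE.search(line)
        if not m:
            continue  # line carries no STATUS value
        status = int(m.group(1), 16)
        if matches_advisory(status):
            bank = BANK_RE.search(line)
            hits.append((number, int(bank.group(1)) if bank else None, status))
    return hits

# Constructed sample lines: a corrected error, the advisory signature,
# and a stale record with the same codes but VAL clear (must be ignored).
SAMPLE_LOG = [
    "host1 mce: CPU 3 Bank 1 STATUS 8c00004000010090 MCGSTATUS 0",
    "host1 mce: CPU 0 Bank 4 STATUS b2000000000f0150 MCGSTATUS 5",
    "host1 mce: CPU 0 Bank 4 STATUS 00000000000f0150 MCGSTATUS 0",
]

if __name__ == "__main__":
    for number, bank, status in scan(SAMPLE_LOG):
        print(f"line {number}: bank {bank} STATUS {status:#018x} matches advisory codes")
```

A match identifies a machine check carrying the quoted codes; it does not by itself establish the cause of the reset.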
Fortunately, the majority of vulnerabilities were found by internal researchers during a review, with a small number found by supporting external parties.
Intel® is not aware of any real-life exploits of this vulnerability. It has coordinated with OS and hypervisor vendors to provide updates to mitigate any potential vulnerability.
At UKFast, we work closely with technology partners to ensure we are made aware of vulnerabilities as soon as they arise, to provide the best security for our clients. Information regarding patches and updates to mitigate CVE-2018-12207 will be provided as soon as they become available.
If you have any questions about your UKFast solution, please don’t hesitate to get in touch with the UKFast support team. We’re happy to help.