APIC fail: Intel ‘Sunny Cove’ chips with SGX spill secrets

A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys.

They call it ÆPIC Leak because it affects the memory-mapped registers of the local Advanced Programmable Interrupt Controller (APIC), which helps the CPU handle interrupt requests from various sources in order to facilitate multiprocessing.

Found by Pietro Borrello (Sapienza University of Rome), Andreas Kogler (Graz University of Technology), Martin Schwarzl (Graz), Moritz Lipp (Amazon Web Services), Daniel Gruss (Graz), and Michael Schwarz (CISPA Helmholtz Center for Information Security), the flaw is described in a paper [PDF] titled, “ÆPIC Leak: Architecturally Leaking Uninitialized Data from the Microarchitecture.”

“We discover ÆPIC Leak, the first architectural CPU bug that leaks stale data from the microarchitecture without using a side channel,” the authors explain in their paper, which was provided to The Register.

The bug affects recent Intel CPUs based on the company’s Sunny Cove microarchitecture, the authors say. This includes: Intel’s 10th generation Ice Lake CPUs; its current 3rd generation Xeon scalable server CPUs (Ice Lake SP); and, it is claimed, new 12th generation Alder Lake CPUs (Golden Cove).

But there’s some disagreement about this: Intel says Alder Lake isn’t affected because it doesn’t support SGX, but allows that other CPUs not identified by the researchers are affected (see below).

ÆPIC Leak is not a transient execution attack like Meltdown that relies on a side-channel to infer sensitive data. Rather it’s

Read more

Explore the site

More from the blog

Latest News