Researchers have found a new version of the Specter vulnerability, named SWAPGS that affects modern Intel and some models of AMD processors using speculative execution.
The security issue is named SWAPGS. The experts assigned the vulnerability identifier CVE-2019-1125.Using this gap, an attacker can gain access to confidential information stored in the kernel memory of the operating system. This data may include passwords, tokens, and encryption keys.
Read also: IS experts discover BlueKeep-vulnerabilities scanner in Watchbog cryptominer
Bitdefender experts were the first to notice the security issue.
“The attack is a novel approach of leaking sensitive information from the kernel since it bypasses all known side-channel attack mitigation techniques. This is achieved by abusing the fact that SWAPGS instruction can be executed speculatively. An attacker can force arbitrary memory dereferences in kernel, which leaves traces within the data caches. These signals can be picked-up by the attacker to infer the value located at the given kernel address”, — reported Bitdefender specialists.
In response, Microsoft developers emphasized that they eliminated CVE-2019-1125 with the release of the July patch set.
“To successfully exploit this vulnerability, an attacker must log into the target system and launch a specially crafted application. The gap itself does not allow increasing the rights in the system, however, the attacker can collect information that will later be used for further compromise”, — Microsoft said.
Red Hat developers also issued a warning about SWAPGS.
“There is no known complete mitigation other than updating the kernel and rebooting the system. This kernel patch builds on existing spectre mitigations from previous updates”, — says Red Hat message.
Microsoft has not identified any mitigating factors for this vulnerability too.