How does this chip flaw impact on Linux?
- The flaw is OS independent, so the impact is far more reaching than just Linux, including Windows, MacOS, and virtual and cloud environments
- The flaw in the Intel chip is that the process used to ensure users do not have access to the kernel has a bug, allowing a user to execute code to read and access kernel level memory access, exposing critical information that would be stored there, like system passwords. A proof of concept has already been seen in the wild that exploits the flaw. This flaw in the Intel chipset will impact virtual and cloud environments that load entire systems in memory, which could expose workloads to other systems and applications that share the same hardware
- A core principle of information security is the least privilege model. Least privilege means every component of computing systems, including system processes and users, has access only to the information and resources that are needed for it to function. All user accounts at all times should run with as few privileges as possible, and also launch applications with as few privileges as possible. From a cyber security perspective, limiting user access to least privileges reduces the ability of an attacker to exploit other applications and the rest of the system
- Applications are given minimal user access privilege, but they require a higher level of system access for even the most basic of tasks, such as network access or writing to a file. To handle these functions while still limiting user access, the application passes off control of the processor to the kernel, which has the highest level of system access. In order to reduce the performance impact of passing off functions to the kernel, the processor allows the application to share memory addresses with the kernel, which are transparent to the user
What must the Linux community do to address this problem?
- Linux, as well as any operating system using impacted Intel processors, must be rewritten to completely separate user memory space from the kernel memory space. The impact of rewriting the OS to correct the flaw is that applications will require more computational resources, which at best will slow down the entire operating system. A patch for the kernel has already been written and there have already been recorded slowdowns in application pKerformance
- This is an example of a flaw that has existed for years and we don’t know who already may know about it, and even worse, may have already exploited it
- While the security research community continues to find and report flaws like this, we must assume there are many more they did not find that attackers may already know about and have exploited. Every organization needs to assume that perfect prevention is not possible, exploits will always exist and breaches will occur. With this mindset, even with perfect patching, organizations need to focus their efforts on finding the attacker behaviours that occur after a flaw is exploited and before the attacker succeeds in stealing information or causing damage to the organisation
Amazon just sent a notice about a major security update and EC2 is scheduled to reboot this Friday:
Azure released a similar notice about an important security and maintenance update to its virtual machines:
- If the Azure and Amazon reboots are related to the Intel flaw, it would demonstrate how far reaching the impact is. A phrase like “the cloud is rebooting” is not something that anyone has had to say before and it reminds me of the kind of far reaching impact that Y2K was feared to have had
- This should be a wake-up call to enterprises that they need to think differently about cloud security. This flaw in the cloud could provide “side-door” for an attacker to enter from an adjacent cloud service rather than launch a frontal assault on your enterprise applications running in the cloud