Probably not vulnerable. To utilize LVI, the malicious actor needs to:

- Find existing gadgets in the victim software that meet all of the attack requirements.
- Influence the behavior of the victim's environment to cause execution of the gadget inside the victim.
- Influence the victim's execution so that a specific load inside the gadget takes a fault, assist or abort.
- Cause the transient execution to last long enough that the gadget puts the attacker-desired data into the covert channel.
- Look for the signal in the covert channel emitted by the LVI gadget through the background noise created by the system.

Needing to perform all these steps increases the complexity of the attack, beyond the already significant complexities present in other transient execution vulnerabilities.

Due to the numerous, complex requirements that must be satisfied to implement the LVI method successfully, LVI is not a practical exploit in real-world environments where the OS and VMM are trusted.

Because of the Intel® Software Guard Extensions (Intel® SGX) strong adversary model, attacks on Intel SGX enclaves loosen some of these requirements. Notably, the strong adversary model of Intel SGX assumes that the OS or VMM may be malicious, and therefore the adversary may manipulate the victim enclave's page tables to cause arbitrary enclave loads to fault or assist. Where the OS and VMM are not malicious, LVI attacks are significantly more difficult to perform, even against Intel SGX enclaves.

Accordingly, system administrators and application developers should carefully consider the particular threat model applicable to their systems when deciding whether and where to mitigate LVI.
