New ZombieLoad Side-Channel Attack Variant: TSX Asynchronous Abort

Written by Michael Larabel in Intel on 12 November 2019 at 02:05 PM EST. 28 Comments
INTEL
In addition to the JCC erratum being made public today and that performance-shifting Intel microcode update affecting Skylake through Cascade Lake, researchers also announced a new ZombieLoad side-channel attack variant dubbed "TSX Asynchronous Abort" or TAA for short.

ZombieLoad / MDS (Microarchitectural Data Sampling) was announced back in May by researchers while today Cyberus Technology has announced a new variant focused on Intel processors with TSX (Transactional Synchronization Extensions). TSX Asynchronous Abort is a new ZombieLoad variant that was actually discovered back as part of Cyberus' originally discoveries but faced an extended embargo.

Current Intel hardware mitigations do not cover TAA and current Cascade Lake CPUs remain vulnerable. TAA can allow leaking of data across processes, privilege boundaries and Hyper Threading. With Hyper Threading disabled, TAA can still leak data from protected domains.

For mitigating TAA Asynchronous Abort there is no new software workaround out today short of disabling Intel TSX. It is recommended to disable Hyper Threading while Cyberus ultimately recommends running trusted/untrusted applications on separate physical systems.

More details on TAA via Cyberus' disclosure and the CVE-2019-11135 notice.
28 Comments
Related News
Intel Preps Adaptive Sync SDP, Lunar Lake Display & More DG2 PCI IDs In Linux 6.10
Intel Vulkan Driver Wires Up Image Compression Control For VKD3D-Proton
Native BHI Mitigation Performance Benchmarks On Core i9 14900K Under Linux 6.9
Intel's Newest Software Effort For Achieving Greater Performance: Thin Layout Optimizer
Turbostat Becomes Semi-Useful To Non-Root Users
Intel FFmpeg Cartwheel 2024Q1 Brings New Filter To Transform Old Content
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives
Ubuntu Maker Canonical Announces New Collaboration With Qualcomm
Fedora 41 Looks To "-O3" Optimizations For Its Python Build
APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
KDE's KWin Merges Wayland Explicit Sync Support
Gentoo Linux Now An SPI Project