Posted to dev@teaclave.apache.org by Mingshen Sun <ms...@apache.org> on 2021/11/01 23:06:02 UTC

Security Advisory of SmashEx and CVE-2021-0186

Hi Teaclave Community,

Recently, we were notified of a re-entrancy vulnerability in the
exception handling designs of some popular SGX SDKs (including Intel
SGX SDK), resulting in arbitrary disclosure of enclave private memory
and code-reuse attacks in SGX enclave.

The vulnerability is named SmashEx [1]. The SmashEx attack affects
several SGX runtimes that implement in-enclave exception handling. For
Intel SGX SDK, the assigned identifier is CVE-2021-0186 [2]. While the
vulnerability itself is not a Teaclave flaw, we're taking proactive
measures to explain and mitigate its impact on Teaclave users.

## Overview

Due to the lack of atomicity primitives in SGX enclaves, an SGX
enclave can be interrupted and re-entered at any time, including when
it is in a state unsafe for re-entry (i.e., when it is executing a
critical section). The SmashEx attack exploits such unsafe enclave
re-entries happening in the exception handling mechanism in the SGX
runtime.

A malicious host can raise an exception immediately after EENTER,
which transfers control back to the host before the enclave stack
(the RSP register) has been properly set up. A special ECALL into the
enclave (called `ECMD_EXCEPT`) then uses the attacker-controlled RSP
register to set up the context of the exception handler function.
Finally, when the host transfers control back to the enclave with
ERESUME, the enclave may execute with a stack that resides in host
memory, thereby enabling ROP exploits.

This vulnerability can be fixed by adding extra checks on untrusted
RSP when constructing the context of the exception handler.
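The following C snippet is an added illustration of the kind of check described above; it is not code from the Intel SGX SDK or from Teaclave. The stack layout, the `EXCEPTION_FRAME_SIZE` constant, the `enclave_thread_t` and `exception_ctx_t` types and every function name are constructed for this example. It shows a context-construction routine that refuses to use a host-supplied RSP unless the whole handler frame lies inside the enclave thread's own stack, which is the property an unchecked RSP violates.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Enclave thread stack bounds. The values used below are constructed for
 * this example and are not the Intel SGX SDK's real thread layout. The
 * stack grows downward from stack_base toward stack_limit. */
typedef struct {
    uintptr_t stack_limit; /* lowest valid stack address (inclusive) */
    uintptr_t stack_base;  /* one past the highest valid address (exclusive) */
} enclave_thread_t;

/* Bytes the runtime reserves on the enclave stack for the saved exception
 * context (a constructed figure; real runtimes use their own frame size). */
#define EXCEPTION_FRAME_SIZE 1024u

/* Context handed to the in-enclave exception handler. */
typedef struct {
    uintptr_t handler_rsp; /* stack pointer the handler will run on */
    uintptr_t fault_rip;   /* faulting instruction (from the SSA in a real runtime) */
} exception_ctx_t;

/* The SmashEx-relevant check: accept an RSP supplied by the untrusted host
 * only if it is 16-byte aligned and the entire handler frame
 * [rsp - EXCEPTION_FRAME_SIZE, rsp) lies inside this thread's enclave stack.
 * Without this check a host-controlled RSP pointing into host memory would
 * become the enclave's stack on ERESUME. */
bool rsp_is_trustworthy(const enclave_thread_t *td, uintptr_t untrusted_rsp)
{
    if (untrusted_rsp & 0xFu)
        return false;                      /* misaligned stack pointer */
    if (untrusted_rsp < EXCEPTION_FRAME_SIZE)
        return false;                      /* frame_lo would wrap below zero */
    uintptr_t frame_lo = untrusted_rsp - EXCEPTION_FRAME_SIZE;
    return frame_lo >= td->stack_limit && untrusted_rsp <= td->stack_base;
}

/* Builds the handler context the way a hardened ECMD_EXCEPT-style path
 * would: validate first, then carve the frame. Returns 0 on success and
 * -1 when the RSP is rejected (the context is left untouched). */
int build_exception_context(const enclave_thread_t *td, uintptr_t untrusted_rsp,
                            uintptr_t fault_rip, exception_ctx_t *ctx)
{
    if (!rsp_is_trustworthy(td, untrusted_rsp))
        return -1;
    ctx->handler_rsp = untrusted_rsp - EXCEPTION_FRAME_SIZE;
    ctx->fault_rip = fault_rip;
    return 0;
}

/* Constructed sample thread: a 256 KiB enclave stack at [0x20000000, 0x20040000). */
enclave_thread_t sample_thread(void)
{
    enclave_thread_t td = { 0x20000000u, 0x20040000u };
    return td;
}

/* Convenience wrappers so the checks can be exercised with a single value. */
bool check_sample(uintptr_t untrusted_rsp)
{
    enclave_thread_t td = sample_thread();
    return rsp_is_trustworthy(&td, untrusted_rsp);
}

int build_sample_context(uintptr_t untrusted_rsp, exception_ctx_t *ctx)
{
    enclave_thread_t td = sample_thread();
    return build_exception_context(&td, untrusted_rsp, 0x1000u, ctx);
}

int main(void)
{
    /* Constructed RSP values: inside the stack, in host memory, too close
     * to the stack limit for a full frame, and misaligned. */
    uintptr_t probes[] = { 0x20030000u, 0x40000000u, 0x20000100u, 0x20030008u };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("rsp=0x%lx -> %s\n", (unsigned long)probes[i],
               check_sample(probes[i]) ? "accepted" : "rejected");
    return 0;
}
```

The important design point is that the bounds check covers the whole frame the runtime is about to write, not just the RSP value itself: an RSP a few bytes above the stack limit is inside the stack but still leaves the saved context spilling past it, so it is rejected along with pointers into host memory.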

## Affected Versions

For Intel SGX SDK, the vulnerability affects all projects using the
following versions.

- Intel SGX SDK for Windows v2.12 and earlier
- Intel SGX SDK for Linux v2.13 and earlier

## Impacts on Teaclave

Teaclave SGX SDK wraps Intel SGX SDK and provides a Rust development
environment. The affected Intel SGX SDK version was recommended for
Rust SGX SDK v1.1.3 (a pre-Apache release). Therefore, people using
Rust SGX SDK v1.1.3 with the vulnerable Intel SGX SDK (v2.13 and
earlier) are also vulnerable. *However, the current Teaclave SGX SDK
is compatible with newer Intel SGX SDK versions. Therefore, we
recommend that all users upgrade to the latest Intel SGX SDK.*

Teaclave itself (i.e., the Teaclave FaaS platform) is built on
Teaclave SGX SDK to provide a confidential computing platform.
Therefore, Teaclave v0.2.0, released in March, used the vulnerable
Intel SGX SDK version. *However, v0.3.0, released in August [3],
upgraded Intel SGX SDK to v2.14, which contains the fix. Therefore,
the latest release of Teaclave is not affected by this vulnerability.*

## Patches & Mitigations

The vulnerability has been fixed in Intel SGX SDK in this patch:

- Patch: https://github.com/intel/linux-sgx/commit/edfe42a517b3e4b1d81204c3cdef6da6cb35fefc

Teaclave users can apply the following mitigations:

- Use Teaclave SGX SDK with Intel SGX SDK for Linux version 2.14 or later
- Upgrade to Teaclave v0.3.0 or later

## Acknowledgements

We would like to thank Jinhua Cui (National University of Defense
Technology and National University of Singapore), Shweta Shinde (ETH
Zurich), Zhijingcheng Yu (National University of Singapore), and
Prateek Saxena (National University of Singapore) for notifying us
about this issue.

## References

- [1] https://jasonyu1996.github.io/SmashEx/
- [2] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00548.html
- [3] https://github.com/apache/incubator-teaclave/releases/tag/v0.3.0
- [SmashEx: Smashing SGX Enclaves Using Exceptions](https://arxiv.org/abs/2110.06657)
- [Open Enclave SDK Elevation of Privilege Vulnerability](https://github.com/openenclave/openenclave/security/advisories/GHSA-mj87-466f-jq42)


This writeup is also published on the Teaclave blog:
https://teaclave.apache.org/blog/2021-10-25-security-advisory-of-smashex-and-cve-2021-0186/.

Mingshen Sun
Apache Teaclave (incubating) PPMC
https://mssun.me
