CVSSv4: NA |
CVSSv3: 5.6 |
CVSSv2: 1.9 |
VMScore: 660 |
EPSS: 0.00044 |
KEV: Not Included
Published: 12/03/2020 Updated: 21/11/2024
Vulnerability Summary
Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html
HERE BE DRAGONS
ONLY meant for PROTOTYPING & EXPERIMENTAL purposes!
NOT FOR PRODUCTION, NOT FOR BETA, NOT FOR ALPHA, ONLY for DEVELOPMENT!
USE to EXPERIMENT, LEARN, and PROTOTYPE!
HERE BE DRAGONS
This code in this repository originated from a fork of the linux-sgx repository, and
using git-filter-repo only the file relevant to building IPP Crypto from source were
kept
Intel® Software Guard Extensions SSL
Introduction
The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications
The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL* Open Source project, providing a full-stre
Teaclave SGX SDK
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX
applications in the Rust programming language, and also known as Rust SGX SDK
Getting Started
The SDK container can either be built from source or pulled from docker hub and
run as a docker container
Configuration
The docker image now supports Intel ME If you need it, please refer to
Intel® Software Guard Extensions SSL
Introduction
The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications
The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL* Open Source project, providing a full-stre
This is a stale repo just for storing the rust-sgx-sdk from alibaba gitlab
Teaclave SGX SDK
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX
applications in the Rust programming language, and also known as Rust SGX SDK
Getting Started
The SDK container can either be built from source or pulled from docker hub and
run as a docker container
Configuration
The docker image now supports Intel ME If you need it, please refer to
[⛔️ DEPRECATED] Moved to https://github.com/intel-secl/skc_library
DISCONTINUATION OF PROJECT
This project will no longer be maintained by Intel
Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project
Intel no longer accepts patches to this project
If you have an ongoing need to use this project, are interested in independently developing it, or would li
Fork of linux-sgx with only the code to build ipp-crypto from source
HERE BE DRAGONS
ONLY meant for PROTOTYPING & EXPERIMENTAL purposes!
NOT FOR PRODUCTION, NOT FOR BETA, NOT FOR ALPHA, ONLY for DEVELOPMENT!
USE to EXPERIMENT, LEARN, and PROTOTYPE!
HERE BE DRAGONS
This code in this repository originated from a fork of the linux-sgx repository, and
using git-filter-repo only the file relevant to building IPP Crypto from source were
kept
Rust SGX SDK
Rust SGX SDK helps developers write Intel SGX applications in Rust programming language [CCS'17 Paper pdf] [CCS'19 Paper pdf]
Good News! Our paper "Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development" has been accepted by ICSE'20 SEIP track See you guys in Seoul!
We open-sourced gb
Crypto API Toolkit for Intel(R) SGX
Introduction
License
Prerequisites
System requirements
Software requirements
Building the source
Build configuration
Preparing the source for the build
Configuration options
Compiling
Installation
Running the tests
Uninstallation
APIs, Mechanisms and Attributes
APIs
Mechanisms
Attributes
Quote Generation and Verification
Quote Gene
Fork of https://github.com/apache/incubator-teaclave-sgx-sdk for the Veracruz project.
Rust SGX SDK
Rust SGX SDK helps developers write Intel SGX applications in Rust programming language [CCS'17 Paper pdf] [CCS'19 Paper pdf]
Good News! Our paper "Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development" has been accepted by ICSE'20 SEIP track See you guys in Seoul!
We open-sourced gb
This repository contains the sources and documentation for the LVI-LFB Control Flow Hijacking attack PoC (CVE-2020-0551)
PoC for the LVI-LFB Control Flow Hijacking attack (CVE-2020-0551)
This repository holds the sources for the LVI-LFB Control Flow Hijacking attack PoC
Contents
lvi-cfh-poc - hijack the control flow of another process via line-fill buffer spraying
whitepaper
Prerequisites
Visual Studio 2015
A vulnerable Intel CPU
Authors
Andrei Vlad LUȚAȘ
Dan Horea LUȚAȘ
Additional res
Tiny Intel SGX Example
This super duper minimal Intel SGX example is based on the sample code from the Intel SGX for Linux Repository [1]
Do not expect the code in this repository to be secure, it's just experimental!
What happens here?
The application initializes an enclave
The application performs an enclave call to securely compute the first ten fibonacci numbers in
Intel® Software Guard Extensions SSL
Introduction
The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications
The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL* Open Source project, providing a full-stre
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.
Teaclave SGX SDK
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX
applications in the Rust programming language, and also known as Rust SGX SDK
Getting Started
The SDK container can either be built from source or pulled from docker hub and
run as a docker container
Configuration
The docker image now supports Intel ME If you need it, please refer to
HERE BE DRAGONS
ONLY meant for PROTOTYPING & EXPERIMENTAL purposes!
NOT FOR PRODUCTION, NOT FOR BETA, NOT FOR ALPHA, ONLY for DEVELOPMENT!
USE to EXPERIMENT, LEARN, and PROTOTYPE!
HERE BE DRAGONS
This code in this repository originated from a fork of the linux-sgx repository, and
using git-filter-repo only the file relevant to building IPP Crypto from source were
kept
Teaclave SGX SDK
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX
applications in the Rust programming language, and also known as Rust SGX SDK
Getting Started
The SDK container can either be built from source or pulled from docker hub and
run as a docker container
Configuration
The docker image now supports Intel ME If you need it, please refer to
Teaclave SGX SDK
Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX
applications in the Rust programming language, and also known as Rust SGX SDK
Getting Started
The SDK container can either be built from source or pulled from docker hub and
run as a docker container
Configuration
The docker image now supports Intel ME If you need it, please refer to
Rust SGX SDK
Rust SGX SDK helps developers write Intel SGX applications in Rust programming language [CCS'17 Paper pdf] [CCS'19 Paper pdf]
Good News! Our paper "Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development" has been accepted by ICSE'20 SEIP track See you guys in Seoul!
We open-sourced gb
Util::Lookup
This repository contains the code for the attack on OpenSSL's base64 decoding routine used in decoding RSA keys
Publication
This work will appear in the proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security A copy of the paper can be found on arXiv
@inproceedings{sieckberndt2021utillookup,
title = {{Util::Lookup}:
Intel® Software Guard Extensions SSL
Introduction
The Intel® Software Guard Extensions SSL (Intel® SGX SSL) cryptographic library is intended to provide cryptographic services for Intel® Software Guard Extensions (SGX) enclave applications
The Intel® SGX SSL cryptographic library is based on the underlying OpenSSL* Open Source project, providing a full-stre
The Register • Thomas Claburn in San Francisco • 10 Mar 2020
Chipzilla's silicon will surrender secrets if properly probed AMD, boffins clash over chip data-leak claims: Side-channel holes revealed in decade of processors
Computer security researchers involved in the discovery of the Meltdown and Spectre vulnerabilities affecting many modern processors have developed a related attack technique called Load Value Injection (LVI). The attack relies on microarchitectural data leakage to inject and execute malicious code in a way that breaks the confidentiality of modern Intel systems. Chipzilla's processors, already weighed down by defenses deployed against side-channel attacks over the past two years, could get slow...
The Register • Thomas Claburn in San Francisco • 10 Mar 2020
Chipzilla's silicon will surrender secrets if properly probed AMD, boffins clash over chip data-leak claims: Side-channel holes revealed in decade of processors
Computer security researchers involved in the discovery of the Meltdown and Spectre vulnerabilities affecting many modern processors have developed a related attack technique called Load Value Injection (LVI). The attack relies on microarchitectural data leakage to inject and execute malicious code in a way that breaks the confidentiality of modern Intel systems. Chipzilla's processors, already weighed down by defenses deployed against side-channel attacks over the past two years, could get slow...