New CPU attack technique can leak secrets from Intel SGX enclaves

Researchers have devised a new attack against Intel CPUs that can leak sensitive secrets stored in SGX secure enclaves and, at least in theory, from privileged processes across security boundaries such as kernel space, virtual machines and hypervisors. Dubbed Load Value Injection (LVI), the new attack is based on techniques used in other CPU vulnerabilities such as Spectre, Meltdown and Microarchitectural Data Sampling (MDS), but is different, more importantly, in that it bypasses the mitigations put in place for those flaws.

To read this article in full, please click here