Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 6, 2023 18:31 UTC (Wed) by geofft (subscriber, #59789)
Parent article: Supplementing CVEs with !CVEs

It is ludicrous to advertise this as a solution to conflicts of interest when the whole project seems to exist for the purpose of a security research firm being able to present their findings as legitimate. The CVE system has both false positives and false negatives (which is, honestly, unsurprising for such a complex system). The reason it is able to reject proposed vulnerabilities, and there's a clear conflict of interest when an entity whose motivation is having more CVEs focuses only on the problem of false negatives.

If you look at the company behind this, their services are all offense-based: all their trainings are about exploitation, not building secure systems, and their other services are penetration testing and data recovery. And they are clearly collecting CVEs and now !CVEs for advertising purposes. Organizations like this are exactly the kind of people causing the bogus CVE problem (which LWN covered well). The point of the CVE system, one would hope, is for people to actually keep themselves safe from vulnerabilities, and a company that sits solely on the side of finding more vulnerabilities and not keeping real-world systems secure has its own conflict of interest.

The specific "vulnerability" that they built this system for, NotCVE-2023-0001, is a secure boot bypass via voltage glitching. The vendor says that voltage glitching is outside of their threat model and not one of the things they advertise to customers that they're secure against. I don't know enough about this domain to evaluate whether this particular argument makes sense, but things outside the threat model are, again, precisely the kind of thing causing bogus CVEs. The LWN article gives three examples: an integer overflow "vulnerability" in the curl command line / API where a too-large value would just be interpreted as a smaller integer, a denial-of-service "vulnerability" in Postgres by an administrative user, and the fact that an unlocked password manager database contains credentials that you can read. In all of these cases, the upstream project has drawn the lines of their threat model in perfectly sensible ways, and it helps nobody except the ill-gotten reputations of the CVE discoverers to have vulnerability reports that require being on the trusted side of the threat model.

I do actually think that there should be a way, if this research firm believes that voltage glitching should be in-scope for these processors, to dispute the threat model. There are certainly vendors that draw the lines badly and to their convenience. But then the thing that should be filed is an objection to the threat model as a whole, not some specific attack on the assumption of a modified threat model, because you can generally find hundreds of similar attacks that rely on the same assumption. (The curl CLI can be subverted by LD_PRELOAD, a local sysadmin on the Postgres server can use ptrace, etc. The KeePasXC blog post explicitly says, "having lost control of your computer in this manner would mean the attacker could execute any number of security compromises against your KeePassXC database.")

In some cases the vendor will look obviously wrong and hopefully get shamed into fixing their approach to security, not just the one vulnerability. In some cases (see recent LWN articles on whether Linux kernel filesystem implementations can trust the disk or whether libbfd is secure to hostile input), there's some legitimately non-obvious debate about the threat model itself. And in some cases the researcher will look obviously wrong. In all of these cases, documenting what the vendor believes about the threat model is far more valuable for actual end users, largely because - again to the bogus CVE problem - many actual users probably do align with the vendor's envisioned threat model. Quoting a good article questioning the ReDoS vulnerability fad: "I’ll just be blunt about it: 99.9% of developers do not care about ReDoS 'vulnerabilities,' and they’re right not to care." Even those users who aren't aligned with the vendor's vision are usually better off realigning themselves (e.g. running the affected component in a sandbox or finding some alternative tool for what they're doing) to protect themselves from the hundreds of attacks that actually do exist under the threat model the vendor isn't using. Filing those hundreds of similar attacks one at a time, and patching for them, isn't useful to the users that aren't affected, nor does it actually keep the affected users safe, and especially for small OSS projects, it diverts maintainer attention in a way that probably leaves all users worse off. The only people who would actually benefit, again, are the folks who want to catch CVEs like they're Pokémon.

The only other NotCVE at writing, 2023-0002, is a crash on malformed input in a function that I think is intended to be called by local code. It shows all the signs of CVE abuse: the reporter is claiming it's "obviously reachable (if the fuzzer did then everyone can + it is part of the exposed functions of the module)" but with no analysis of whether it's reachable from untrusted inputs. These tools are all command-line utilities, and nothing in them implies that they're intended to be made accessible to remote users, let alone to untrusted remote users, yet the NotCVE website claims this has an attack vector of "network." This is, again, almost certainly an issue of the researcher having a threat model that is probably unwarranted, and it's exactly the sort of thing the CVE project should be rejecting!

Franky I don't think LWN should be giving these guys the publicity. This is just taking one of the major flaws of the CVE program and calling it a feature.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 6, 2023 19:10 UTC (Wed) by jake (editor, #205) [Link]

> Franky I don't think LWN should be giving these guys the publicity.

Well, if we had not written about it, we would not have gotten your nice comment (and others in the thread). Perhaps I was too credulous in writing it up, but bringing it to the attention of readers seems to have been valuable.

thanks,

jake

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 6, 2023 19:50 UTC (Wed) by excors (subscriber, #95769) [Link]

> The specific "vulnerability" that they built this system for, NotCVE-2023-0001, is a secure boot bypass via voltage glitching. The vendor says that voltage glitching is outside of their threat model and not one of the things they advertise to customers that they're secure against. I don't know enough about this domain to evaluate whether this particular argument makes sense, but things outside the threat model are, again, precisely the kind of thing causing bogus CVEs.

From what I've seen, the boundaries of the threat model can be fuzzy. A while ago I was working with a chip in a very similar situation: there was a public disclosure of an easy-to-reproduce voltage glitching attack that could bypass an important security mechanism. The chip had never claimed security against glitching attacks and had been built with no defences against that, so it was behaving as intended. But at least one large customer wasn't happy about the situation, because it made their products vulnerable to any moderately-capable attacker, and I believe they made the chip vendor aware that if the vulnerability wasn't fixed they'd stop using that chip. (This wasn't about assigning blame, it was just about deciding a path forwards). And the vendor didn't have any similar chips with stronger security guarantees, so they'd lose the customer to another vendor.

Instead they spent about a year (and presumably a lot of money) producing a new revision of the silicon with mitigations against that specific attack. They were clear that this still wasn't general protection against glitching attacks, and they made no promises - it was just a best-effort attempt to lower the risk within the constraints of a chip that wasn't designed for that. Evidently they thought it was worth doing it to mollify the customers, and the customers had indicated this change would be enough, at least for a few years while the vendor developed their next-generation chips that were really designed for (and advertised) physical security.

The threat model is useful for communicating expectations between chip vendors and customers, but when a vulnerability is discovered it appears theoretical arguments about classification don't really matter - what ultimately matters is the financial pressure from customers to fix it.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 6, 2023 20:41 UTC (Wed) by mfuzzey (subscriber, #57966) [Link] (9 responses)

I think another part of the problem is on the "consumer" side of CVEs.
Too many people want simple answers to complex problems.
CVEs provide that "it's got a number so needs a fix".
But reality is far more subtle and complex and depends on the use case and threat model and deployment environment, things that only the user can determine.

So I don't think it's possible to say, in the general case, if a voltage glitching attack should be considered in scope for some particular processor. That exact same processor could be used in widely different deployment scenarios. For example in a physically secued data center if someone has the physical access needed to do voltage glitching then you've probably got other issues whereas if the same processor were used in a media center maybe that could be a security issue (at least for those trying to use DRM).

Similarly vulerabilities like Spectre and Meltdown are a huge deal for cloud providers whose entire business is providing compute resources to allow mutually untrusting customers to run their arbitary code on the same physical hardware as they give arbitary read access across trust domains to anyone who can run their own code. On the other hand they're relatively irrelevant for most single purpose embedded devices that only run vendor supplied or approved code.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 7, 2023 19:53 UTC (Thu) by NYKevin (subscriber, #129325) [Link] (8 responses)

> Similarly vulerabilities like Spectre and Meltdown are a huge deal for cloud providers whose entire business is providing compute resources to allow mutually untrusting customers to run their arbitary code on the same physical hardware as they give arbitary read access across trust domains to anyone who can run their own code. On the other hand they're relatively irrelevant for most single purpose embedded devices that only run vendor supplied or approved code.

IMHO, a significant part of the problem is that Spectre-like attacks *don't* give arbitrary read access to arbitrary memory. They give narrow read access to specific parts of memory under specific circumstances. The problem is that it is very, very difficult to figure out exactly what memory and what circumstances are vulnerable. Spectre isn't really one attack, it's a family of attacks, and each attack has its own quirks. Your threat model ends up being this amorphous fog of unknown-unknown side channels.

If Spectre was just "memory protection is dead, you can't run untrusted code on trusted hardware," then this would be a much simpler (albeit more expensive) problem. You would provision a whole CPU for a customer, entirely distrust everything that CPU does until it is deprovisioned and reset, and call it a day. But you can't do that in the real world, because it's overkill - your competitors will implement a series of more targeted fixes instead, and then they would massively undercut you on pricing, because they don't have to provision a whole CPU for each customer. So if you want to stay on the market, you have to play the Spectre whac-a-mole game with everybody else.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 8, 2023 18:27 UTC (Fri) by anton (subscriber, #25547) [Link] (7 responses)

Spectre vulnerability typically give read access to all the memory in the address space. In case of the Linux kernel this includes all of the physical memory AFAIK; that's why the Linux kernel developers actually do the dance of selective Spectre mitigations even though that's far too much work to be reasonable in general IMO. For virtual machines, I guess the guest can only access the memory assigned to its VM; so guests should be secure from each other as long as the hypervisor is secure (which currently means it has to use mitigations).

As for single-purpose embedded systems, they are usually safe because they usually use CPUs without speculation that are not vulnerable to Spectre. If they are vulnerable to Spectre, they might be attacked through the network even if they are single-purpose.

And between cloud providers and single-purpose embedded systems, there are many systems, such as smartphones and PCs, where the hardware is vulnerable, and where I see many people who write that they think that Spectre attacks are too hard to affect them, so they want to disable the mitigations for more performance. As long as many customers think that way, it's no wonder that AMD, ARM, and Intel are not fixing Spectre in hardware.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 9, 2023 12:14 UTC (Sat) by wtarreau (subscriber, #51152) [Link] (6 responses)

> As long as many customers think that way, it's no wonder that AMD, ARM, and Intel are not fixing Spectre in hardware.

No, the reason is that as long as you have can make use of any bit of history in a processor to amortize certain costs and increase performance, there will exist ways to measure it and exploit it. Disabling such history means disabling branch prediction and disabling all caches, and we're back to 8088-like performance, maybe even worse due to the time needed to fetch and decode instructions.

I think many people underestimate how important are such features that are sometimes exploited. Branch prediction, caches, TLBs etc all have a critical role to play and not disabling them while trying to work around Spectre-like attacks means having to find compromises that only slightly affect performance and are considered safe enough to last an extra year or two before the next attack.

On any shared resource system, competing activities are observable to some extents, and there's a point where the only fix if no compromise is acceptable, is to entirely dedicate the platform.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 10, 2023 16:19 UTC (Sun) by anton (subscriber, #25547) [Link] (5 responses)

You fail to distinguish between Spectre and other side-channel attacks. It is possible to fix Spectre while still using caches, branch prediction, and even speculative execution: Treat microarchitectural state like architectural state, as having a speculative state that gets thrown away when mispredictions are resolved, and a committed state; look for "invisible speculation" in the literature. It's also necessary to prevent side channels from resource contention, but there has been work on that, too.

It may not be possible to fix side-channel attacks on the architectural (i.e., committed) state, but at least in that case the mitigations are easier (at least if we only want to protect secret keys and the like): Write all the code that deals with these data in a way that is constant-time wrt. the data. The main bonus compared to Spectre mitigations is that the code that deals with secret keys (and where the mitigation has to be applied) is much smaller than all the code in the address space.

One reason why the pressure is so low on the hardware manufacturers for fixing Spectre in hardware is that many people have been made to think that we have to disable speculation in order to do that, and that costs too much performance to be acceptable. Some layman reading your post might even think that we have to disable branch predictors and caches, and that this results in 8088-like performance. We don't have to disable any of these performance techniques to fix Spectre. Besides, a modern CPU with modern RAM without caches and without branch prediction is at least as fast as a 386 without cache (and many were delivered without cache), probably somewhat faster.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 11, 2023 13:12 UTC (Mon) by paulj (subscriber, #341) [Link] (3 responses)

You could have 20k+ i386 cores on a chip today if you wanted, running at at least 5x the MHz of the original.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 11, 2023 14:44 UTC (Mon) by geert (subscriber, #98403) [Link]

And how will you manage to feed them code/data, from a bursty high-latency DDR5 memory interface?

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 13, 2023 4:30 UTC (Wed) by raven667 (subscriber, #5198) [Link] (1 responses)

ok, now I want to see someone manufacture a 20k-core i386 system just for the hell of it. I suppose it'd be treated like a GPU at this point.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 13, 2023 8:08 UTC (Wed) by zdzichu (subscriber, #17118) [Link]

I think Intel tried with Larrabee (and later with Xeon Phi). The original was tens of Pentium-like cores on a single chip.
You may guess how successful it was.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 11, 2023 14:02 UTC (Mon) by farnz (subscriber, #17727) [Link]

To put it slightly differently; we only care that the hardware makes it possible to avoid having side-channels in our software. We care about some side-channel attacks (e.g. ones that let a browser tab run JavaScript to dump session keys used by the browser for TLS), but not about others (e.g. ones that let my editor inspect the source code my compiler is reading, given that my editor can just open those source files directly).

As long as it is possible to write code that has no side-channels, therefore, we don't care if it's also possible to write code that's chock-full of side-channels. The problem with Spectre family attacks is that it's impossible to write code without side-channels when running on a processor that's vulnerable to any attack in that family.

Supplementing CVEs with !CVEs: conflicts of interest

Posted Dec 7, 2023 9:35 UTC (Thu) by pombredanne (guest, #113982) [Link]

Geofft wrote:

> The only people who would actually benefit, again, are the folks who want to catch CVEs like they're Pokémon.

This is an awesome way to state this. I will steal this quote from you

[...]

> Franky I don't think LWN should be giving these guys the publicity. This is just taking one of the major flaws of the CVE program and calling it a feature.

IMHO these discussions must happen to uncover the scams, and are therefore needed. And beyond the discussions, how to fix the problem *sigh* ?