Breaking! Major Vulnerability Discovered in RISC-V – Non-Self-Sufficient = Not Absolutely Secure

The Xi’an University of Technology has discovered a vulnerability in the RISC-V processor.The official announcement from Xi’an University of Technology states that Professor Hu Wei’s team from the School of Cyberspace Security has uncovered a medium-risk vulnerability in the RISC-V SonicBOOM processor design, which has been specifically named by the National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT).

This is the first domestically discovered remotely exploitable medium-risk vulnerability in a RISC-V processor design, and it represents significant progress in the national key R&D project in the field of processor hardware security – the research on key technologies for comprehensive security assessment of nanoscale chip hardware.

Breaking! Major Vulnerability Discovered in RISC-V - Non-Self-Sufficient = Not Absolutely Secure

Xi’an University of Technology stated that most current meltdown and spectre-type processor security vulnerabilities leak information through cache side-channel attacks during the information recovery phase after triggering transient execution. The port contention vulnerability discovered this time can replace cache side-channel attacks as a new type of side-channel attack.

The port contention vulnerability can combine with different transient execution mechanisms to form new types of processor security vulnerabilities. Attackers can exploit this vulnerability to bypass the security protection mechanisms designed by modern processors and operating systems, allowing them to remotely steal protected sensitive information without requiring administrator privileges, leading to the leakage of critical data and personal privacy.

The discovery of the register port contention vulnerability in the RISC-V SonicBOOM processor exceeds the severity, score, and exploitability of similar vulnerabilities already recorded in domestic vulnerability databases.

This incident illustrates that open-source processors still carry risks, and one should not blindly equate open-source with security. As for processors imported from abroad, even if the source code is obtained, it does not guarantee safety, as the purchased source code may not be fully understood, and pre-set backdoors may not be discovered.

To achieve true security, one must rely on self-sufficiency in design and possess high capability levels, making it difficult for hackers to breach.

In summary, relying on foreign technology and purchasing source code for information security is unreliable; the key is to enhance one’s own capabilities.

Leave a Comment