Introducing GhostWrite: T-Head CPU Bugs Leave Devices Vulnerable to Attacks

August 14, 2024


TLDR:

  • A vulnerability called GhostWrite has been discovered in T-Head’s XuanTie C910 and C920 RISC-V CPUs
  • The vulnerability allows attackers to gain unrestricted access to devices by bypassing security features

Article Summary:

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has revealed a critical bug, known as GhostWrite, that affects T-Head’s XuanTie C910 and C920 RISC-V CPUs. The vulnerability allows attackers to read and write any part of a device’s memory and to control peripheral devices such as network cards, even with limited access. The bug resides in the CPU’s vector extension and lets attackers bypass process isolation and gain full, unrestricted access to the device. Disabling the vector functionality is currently the most effective countermeasure, but this significantly impacts the CPU’s performance.

The disclosure of GhostWrite comes in the wake of other recent security vulnerabilities, such as flaws in Qualcomm’s Adreno GPU and a security flaw in AMD processors. The vulnerability in AMD processors, dubbed Sinkclose, could potentially allow attackers with kernel access to install persistent malware on a system.

The only way to remediate an infection caused by Sinkclose would be to physically connect to the CPUs using a hardware-based tool. GhostWrite, along with these other vulnerabilities, highlights the importance of continuously monitoring and updating hardware and software to protect against evolving threats.

