News: 0001484072


GhostWrite Vulnerability Affects RISC-V CPU, Mitigating Takes A ~77% Performance Hit

([RISC-V] 4 Hours Ago GhostWrite Vulnerability)


Security researchers with the CISPA Helmholtz Center for Information Security have disclosed GhostWrite, a new CPU vulnerability affecting a common RISC-V processor.

While we are used to hearing about CPU vulnerabilities for x86/x86_64 and ARM, there have been fewer for RISC-V, in part because it hasn't been as big a target for security researchers, with fewer notable devices on the market currently relying on RISC-V. But with more vendors exploring their own RISC-V chips and more capable RISC-V single board computers coming to market, it will become an increasing target for both security researchers and attackers.

The GhostWrite vulnerability allows unprivileged attackers to read and write any part of the computer's memory and to control peripheral devices like network adapters. The researchers note that the vulnerability cannot be fixed without disabling "around half of the CPU's functionality." GhostWrite comes down to an architectural bug and isn't a speculative execution vulnerability of the kind we are so used to seeing these days.

The RISC-V CPU where the GhostWrite vulnerability was discovered is the T-Head XuanTie C910, which is found in bare metal cloud instances like the previously reviewed [1]Scaleway EM RV1 and in various Lichee devices, from compute clusters to gaming consoles to laptops, as well as various RISC-V single board computers.

The researchers believe the only way to address the GhostWrite vulnerability is to disable the vector extension of the CPU, which in turn negatively impacts performance. The researchers peg the overhead of disabling the RISC-V vector extension support to mitigate GhostWrite at around 77%.

More details on the new GhostWrite vulnerability are available via [2]GhostWriteAttack.com.



[1] https://www.phoronix.com/review/scaleway-risc-v-cloud

[2] https://ghostwriteattack.com/


