A mechanism to bypass protection against the Spectre vulnerability on Intel and AMD processors has been discovered in Linux.

The latest generations of Intel consumer and server processors, as well as AMD processors on older microarchitectures, are vulnerable to attacks using speculative execution mechanisms that bypass existing protections against the Spectre vulnerability.

The new vulnerability affects 12th, 13th and 14th generation Intel Core consumer processors, 5th and 6th generation Xeon server processors, as well as AMD Zen 1, Zen 1+ and Zen 2 chips. The attack scheme discovered by researchers at ETH Zurich makes it possible to bypass the IBPB (Indirect Branch Predictor Barrier) protection mechanism, which prevents abuse of speculative execution.

Speculative execution is a feature that optimizes the processor’s performance by executing instructions before they are even needed: if the prediction is correct, the process speeds up. The results of instructions executed based on an incorrect prediction are ignored. This mechanism forms the basis for attacks like Spectre, since speculative execution can involve sensitive data that an attacker can extract from the processor cache.

The Swiss scientists have confirmed that the results of speculative execution can be intercepted even after the IBPB mechanism has been triggered, that is, existing security measures can be bypassed and confidential information leaked – in particular, this can be the root password hash extracted from a suid process. For Intel processors, the IBPB mechanism does not fully eliminate the result of an invalid function being executed after a context switch. For AMD processors, the IBPB-on-entry method in the Linux kernel does not work correctly, which is why the results of legacy functions are not removed after IBPB.

The researchers reported their discovery to Intel and AMD in June 2024. Intel responded that by that time the problem had already been discovered by the company itself – the corresponding vulnerability was assigned the number CVE-2023-38575. Back in March, Intel released a microcode update, but as the researchers found, this did not fix the error in all operating systems, including Ubuntu.

AMD also confirmed the existence of the vulnerability and stated that it had already been documented and registered under the number CVE-2022-23824. At the same time, the manufacturer included the Zen 3 architecture in the list of vulnerable ones, which the Swiss scientists did not note in their work. AMD characterized the error as software, not hardware; considering that the manufacturer has known about it for a long time and that it affects only old microarchitectures, the company decided not to release a microcode update that would close the vulnerability.

Thus, both manufacturers knew about the bypass mechanism, but in their documentation they noted it only as a potential one. The Swiss scientists, however, have demonstrated that the attack works on Linux 6.5 with IBPB-on-entry protection, which is considered the most effective against exploits like Spectre. And since AMD refused to close it, the researchers contacted the Linux kernel developers with the intention of independently developing a patch for the “red” processors.
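To see whether a given Linux host depends on the IBPB barrier discussed above, an administrator can read the kernel's mitigation status lines. The following is an added example, not code from the article or from the researchers; the sysfs file names are standard kernel interfaces that the article does not mention, and the sample status lines are constructed and may differ between kernel versions.

```python
import re
from pathlib import Path

SYSFS = Path("/sys/devices/system/cpu/vulnerabilities")
# Kernel status files whose text can mention IBPB (assumed present on x86 Linux).
FILES = ("spectre_v2", "retbleed", "spec_rstack_overflow")

def ibpb_role(name, status):
    """Classify how one sysfs status line involves IBPB."""
    status = status.strip()
    if name == "spectre_v2":
        # Here IBPB appears as a sub-field, e.g. "IBPB: conditional".
        m = re.search(r"IBPB: ([\w-]+)", status)
        return f"context-switch IBPB {m.group(1)}" if m else "IBPB not reported"
    # In retbleed / spec_rstack_overflow, IBPB can be the selected mitigation.
    if re.match(r"Mitigation: IBPB on VMEXIT", status):
        return "IBPB on VM exit only"
    if re.match(r"Mitigation: IBPB\b", status):
        return "IBPB-on-entry"
    return "IBPB not used"

def report(statuses):
    """Map each known status file to its IBPB classification."""
    return {n: ibpb_role(n, s) for n, s in statuses.items() if n in FILES}

def relies_on_ibpb_on_entry(statuses):
    """True if any mitigation is the IBPB-on-entry mode named in the article."""
    return "IBPB-on-entry" in report(statuses).values()

def read_live():
    """Read the real status lines from this host, skipping missing files."""
    return {f: (SYSFS / f).read_text() for f in FILES if (SYSFS / f).is_file()}

# Constructed sample lines (not captured from a real machine).
SAMPLE_AMD = {
    "spectre_v2": "Mitigation: Retpolines; IBPB: always-on; STIBP: disabled; RSB filling",
    "retbleed": "Mitigation: IBPB; SMT disabled",
}
SAMPLE_INTEL = {
    "spectre_v2": "Mitigation: Enhanced / Automatic IBRS; IBPB: conditional; RSB filling",
    "retbleed": "Not affected",
}

if __name__ == "__main__":
    for label, st in (("sample AMD", SAMPLE_AMD), ("sample Intel", SAMPLE_INTEL),
                      ("this host", read_live())):
        print(label, report(st), "on-entry:", relies_on_ibpb_on_entry(st))
```

A host that reports IBPB in any of these lines depends on the barrier behaving as documented, so its kernel and microcode update status is the thing to verify next.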