iTWire Monday, 03 May 2021 11:05 US researchers find flaw affecting processors made since 2011
Ashish Venkat: “We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.” Supplied
Researchers at the University of Virginia School of Engineering computer science department have discovered vulnerabilities that sit earlier in a processor's speculative execution chain than the Spectre flaw, which was made public in January 2018.
Spectre can trick vulnerable applications into leaking the contents of their memory.
The UVA team found a way to exploit what is called a micro-op cache, which speeds up computing by storing commands early in the speculative execution process. Micro-op caches are present in Intel processors produced since 2011.
A team of researchers has found new Spectre exploits affecting both Intel and AMD processors. The currently available mitigations do not prevent an attack using the new exploits, but the researchers are still unsure how difficult it would be to use the newly found vulnerabilities in a real-world application.
The paper (via Phoronix) shared by the researchers at the University of Virginia and the University of California San Diego shows that there are three attacks exploiting micro-op cache vulnerabilities. Considering Intel has been using micro-op caches since Sandy Bridge and AMD since the first Zen architecture, most modern systems are prone to an attack using these exploits.