Intel CPUs vulnerable to new transient execution side-channel attack

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,596
Content source
https://www.bleepingcomputer.com/news/security/intel-cpus-vulnerable-to-new-transient-execution-side-channel-attack/
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register.

The new attack was discovered by researchers at Tsinghua University, the University of Maryland, and a computer lab (BUPT) run by the Chinese Ministry of Education and is different than most other side-channel attacks.

Instead of relying on the cache system like many other side-channel attacks, this new attack leverages a flaw in transient execution that makes it possible to extract secret data from user memory space through timing analysis.

The attack works as a side channel to Meltdown, a critical security flaw discovered in 2018, impacting many x86-based microprocessors.
Click to expand...
However, the researchers note that this timing attack isn’t as reliable as cache-state side-channel methods, and to get better results in recent chips, the attack would have to be repeated thousands of times.

“In our experiment, we found that the influence of the EFLAGS register on the execution time of Jcc instruction is not as persistent as the cache state,” reads the part about the evaluation of the experimental data.

“For about 6-9 cycles after the transient execute, the Jcc execute time will not be about to construct a side-channel. Empirically, the attack needs to repeat thousands of times for higher accuracy.”

The researchers admit that the root causes of the attack remain elusive and hypothesize that there’s a buffer in the execution unit of the Intel CPU, which needs time to revert if the execution should be withdrawn, a process that causes a stall if the ensuing instruction depends on the target of the buffer.

However, they still propose some non-trivial mitigations, such as changing the implementation of the JCC instruction to make adversarial execution measuring impossible under any condition, or rewriting the EFLAGS after transient execution to reduce its influence over the JCC instruction.
Click to expand...
www.bleepingcomputer.com

Intel CPUs vulnerable to new transient execution side-channel attack

A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Wow
  • Like
  • +Reputation
Reactions: brambedkar59, Andy Ful, vtqhtr413 and 5 others
piquiteco

piquiteco

Level 14
Oct 16, 2022
626
This is the biggest problem when a vulnerability of this type is discovered, it is like a haunting, I remember Meltdown and Spectre, which at the time, were mitigated, according to the information even though they still will not protect 100%, now EFLAGS has appeared 😲
 
  • Like
Reactions: vtqhtr413
You must log in or register to reply here.

Similar threads

silversurfer
    • +Reputation
    • Like
    • Wow
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
Replies
0
Views
1,394
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • Applause
'METIOR' Defense Blueprint Against Side-Channel Vulnerabilities Debuts
Replies
0
Views
815
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
    • Thanks
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
Replies
3
Views
1,999
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top