Patches for new Retbleed AMD and Intel microprocessor vulnerability may have significant overhead

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,101
Certain microprocessors from Intel and AMD are vulnerable to a new speculative execution attack related to Spectre Variant 2. Attacks may be used to leak data from kernel memory and mitigations may cause overhead and impact performance of patched systems.

retbleed.png

Researchers at ETH Zurich discovered the vulnerabilities, which they named Retbleed. The attacks exploit vulnerabilities in retpoline, a mitigation introduced in 2018 to mitigate certain speculative execution attacks.

Retpolines work "by replacing indirect jumps and calls with returns". Concerns that returns might also be susceptive to attacks were ignored back in 2018, as it seemed impractical at the time to many. Retpoline research confirmed that exploits are "indeed practical"

The ETH Zurich researchers confirmed the vulnerabilities in older Intel and AMD processors only. According to the released FAQ, Intel Core generation 6 to 8 processors, and AMD Zen 1, Zen 1+ and Zen 2 processors are vulnerable.

The vulnerability was confirmed by the researchers for Linux devices. The researchers state in the FAQ that Windows and Mac systems are affected as well. Intel, on the other hand, stated in a blog post, that company processors on Windows are not affected:
Intel has worked with the Linux community and VMM vendors to provide customers with software mitigation guidance which should be available on or around today's public disclosure date. Note that Windows systems are not affected given that these systems use Indirect Branch Restricted Speculation (IBRS) by default which is is also the mitigation being made available to Linux users.

AMD and Intel are not aware of exploits in the wild that target the new vulnerabilities. Patches for major Linux distributions are already being prepared. Tests will show if and by how much performance will be impacted on systems with the patches.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Surprisingly, I don't see my processor in the list :unsure: If that's the case then that's good news for me.
1657726545766.png

Mine should be under
  • AMD Ryzen™ 3000 Series Desktop processors with Radeon™ graphics
But it's not there. Hopefully AMD didn't exclude it by mistake.
 

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,101
So Windows users are not affected, right?
Researchers wrote that Windows users are affected, but Intel meant the opposite, so it's confusing... ;)

The researchers state in the FAQ that Windows and Mac systems are affected as well. Intel, on the other hand, stated in a blog post, that company processors on Windows are not affected:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top