UPDATED 20:00 EDT / MAY 02 2021


New Spectre vulnerabilities discovered on Intel and AMD processors

Spectre, a processor vulnerability first disclosed in 2018 and followed by further variants that same year, is back: researchers have discovered new variants that affect all modern processors.

Detailed this past week by researchers from the University of Virginia and the University of California at San Diego, the three new Spectre vulnerabilities were found in the micro-op cache, a feature of modern central processing units. The micro-op cache stores already-decoded low-level instructions (micro-ops) so the processor can fetch them quickly rather than decoding them again, including along paths it executes speculatively while predicting which instructions will run next. Its purpose is purely to improve performance.

Micro-op cache has been present in Advanced Micro Devices Inc. processors since 2017 and Intel Corp. processors since 2011 and hence the new Spectre vulnerabilities affect chips from both. The new Spectre vulnerabilities allow an attacker to subvert the speculative execution process via the micro-op cache giving access to sensitive data while instructions are being executed.

The first vulnerability allows a same-thread, cross-domain attack, in which a single thread leaks information across a domain boundary. The second allows a cross-SMT-thread attack that can obtain information from a thread running on the same physical core. And the third allows a transient execution attack that can gain access to data through a “misspeculated” path.

“Due to the relatively small size of the micro-op cache, an attack is significantly faster than existing Spectre variants that rely on priming and probing several cache sets to transmit secret information,” the researchers said. The new Spectre attacks are also described as “considerably more stealthy, as it uses the micro-op cache as its sole disclosure primitive, introducing fewer data/instruction cache accesses, let alone misses.”

“Billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced,” the researchers added.

The original Spectre vulnerabilities were in part fixed at the time, with Microsoft Corp. providing some protection and Intel redesigning next-generation chips. That said, they were never fully protected against: Intel said at the time that it had no intent to provide protection for older chips.

The problem with both the original Spectre and these new Spectre vulnerabilities is that they’re built into the hardware. One method could be disabling micro-op cache or halting speculative execution, but as the researchers noted, this fix would “effectively roll back critical performance innovations in most modern Intel and AMD processors, and this just isn’t feasible.”
