CATEGORIES
home News

AMD And Intel CPUs Rocked By New Speculative Execution Attack With A Huge Performance Hit

by Zak KillianWednesday, July 13, 2022, 05:08 PM EDT
intel says new spectre chip flaw is already fixed but security researchers say not so fast
Dp you remember a few years ago when everyone panicked over a couple of security flaws known as Meltdown and Spectre? These were a new type of security hole altogether, known as speculative execution flaws because they exploit the so-named capability of modern processors. That was back in 2018, and since then, every tech company under the sun has issued patches, firmware updates, and other guidance to mitigate the danger of these attacks.

So that's all over and dealt with, right? Well... not exactly. As it turns out, one of the major mitigations deployed against Spectre, known as "retpoline", isn't actually as helpful as we thought. A new flaw, known as "retbleed", has been discovered by researchers at ETH Zurich. Retbleed evades earlier protections against a specific form of the Spectre vulnerability, including machines using the retpoline mitigation.

retbleed leakage chart

Without getting into the technical weeds, where earlier Spectre attacks targeted indirect calls and jumps, retbleed instead targets returns. It works on both Intel and AMD machines, although it's drastically more effective on the latter. Like earlier Spectre attacks, once executed, it can allow any application executing on the target CPU to read any memory, regardless of whether it has the authority to do so.

This is, obviously, very bad for security. Password hashes and other secure information can be leaked to unprivileged software that normally wouldn't have access to kernel memory. By the researchers' estimate, a retbleed exploit can find and leak a Linux computer's root password hash from memory in around 28 minutes on an Intel machine and around 6 minutes for an AMD system.



Everyone reading this should flip out and rush to patch their systems, right? No, probably not. While retbleed is a very serious vulnerability, it only affects certain hardware: Intel machines from the 6th thru 8th generation Core families, and AMD Zen, Zen+, and Zen 2 systems. Intel says that it's also automatically mitigated by recent versions of Windows, which have Indirect Branch Restricted Speculation (IBRS) enabled by default. IBRS is an effective mitigation against retbleed, so Windows systems are essentially inoculated already.

Linux users on affected machines do have cause for concern, though, and that particularly extends to hosting providers and other folks that allow remote users to login to their systems without supervision. Both AMD and Intel say that they're not aware of anyone making use of these vulnerabilities in the wild, but patches aren't available yet. When they do become available, they may come with a performance hit of as much as 28%. Hopefully some clever coders will come up with a way to mitigate that performance loss.
Tags:  security, vulnerabilities, spectre, CPUs, retbleed
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2023 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment