Quote:Researchers from ETH Zurich have uncovered a new class of vulnerabilities linked to Intel processors. They were able to bypass Intel's defenses against Spectre.

Spectre is a class of vulnerabilities that was originally identified in 2018, along with Meltdown, a similar exploit that affected AMD chips. These flaws exploited speculative execution, which in turn leaked data. Though the vulnerabilities were patched 7 years ago, Microsoft released a Registry security mitigation a year ago to protect against the vulnerability.

As it turns out, Spectre has resurfaced in a new persona. The researchers from ETH Zurich have labeled the data-leaking flaws as Branch Prediction Race Conditions (BPRC). These vulnerabilities primarily affect Intel CPUs from the 9th generation (Coffee Lake Refresh) down to the 7th generation (Kaby Lake).

The researches said that the branch predictors on Intel processors are updated asynchronously inside the processor pipeline, as a result of which there are potential race conditions. In such a scenario, two or more processes or threads could attempt to access and update the same information concurrently, and this could lead to chaos. They discovered an exploit was possible where a processor switches privilege levels, such as from user to kernel, while branch predictor updates are still in flight. This can lead to a new attack vector, Spectre v2, which allows unauthorized code injection thanks to elevated privileges. The security experts call it Branch Privilege Injection (BPI). These issues affect all sorts of computers, from PCs to servers in data centres.

Continue Reading...