
Posted on Monday, May 03 2021 @ 11:48 CEST by Thomas De Maesschalck
Researchers from the University of Virginia and the University of California San Diego have unearthed a new Spectre-like security vulnerability that is capable of beating all previous mitigations. This time, it's a vulnerability that affects both AMD and Intel processors.
A vulnerability in the way x86 processors break down complex instructions into micro-ops, which are stored in micro-ops cache, allows attackers to cause a data leak.
How the vulnerability works
TechPowerUp offers a brief summary of how the exploit works:
Modern x86 processors break down complex instructions into smaller RISC-like units called micro-ops, in the frontend, where it makes the design of the backend part much simples. The micro-ops are stored in the micro-ops cache. The paper is describing micro-op cache-based timing channel exploits in three primary settings: "a) across code regions within the same thread, but operating at different privilege levels, (b) across different co-located threads running simultaneously on different SMT contexts (logical cores) within the same physical core, and (c) two transient execution attack variants that leverage the micro-op cache to leak transiently accessed secrets, bypassing several existing hardware and software-based mitigations, including Intel's recommended LFENCE."
Patches could result in big performance drops
A fix for this new Spectre-like bug is expected to result in a performance drop. The exploit deals with low-level caching structure so a potential fix could result in quite severe performance degradation.