• Latest
  • Trending
New Retbleed speculative execution CPU attack bypasses Retpoline fixes

New Retbleed speculative execution CPU attack bypasses Retpoline fixes

July 15, 2022
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Monday, 5 June, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

New Retbleed speculative execution CPU attack bypasses Retpoline fixes

by ITECHNEWS
July 15, 2022
in Infosec, Leading Stories
0 0
0
New Retbleed speculative execution CPU attack bypasses Retpoline fixes

Security researchers have discovered a new speculative execution attack called Retbleed that affects processors from both Intel and AMD and could be used to extract sensitive information.

Retbleed focuses on return instructions, which are part of the retpoline software mitigation against the speculative execution class of attacks that became known starting early 2018, with Spectre.

YOU MAY ALSO LIKE

ATC Ghana supports Girls-In-ICT Program

Vice President Dr. Bawumia inaugurates ICT Hub

The issue impacts Intel Core CPUs from generation 6 (Skylake – 2015) through 8 (Coffee Lake – 2017) and AMD Zen 1, Zen 1+, Zen 2 released between 2017 and 2019.

Leveraging return instructions

Speculative execution is an optimization technique that allows CPUs to perform computations before knowing if they are required by future tasks.

When the destination address is known, a direct branch contained in the instruction is followed. An indirect branch occurs when there is no clue about the destination but it is predicted from already executed branches.

Spectre attacks take advantage of these guesses, tricking the processor into running instructions that require sensitive data from the memory.

Retpoline was released a software-based solution to mitigate speculative execution attacks by using return operations to isolate indirect branches.

However, researchers at ETH Zurich university found a way to force the prediction of the return operations just like in the case of indirect branches, and to inject branch targets in the kernel address-space, regardless of the user’s privileges.

We found that we can trigger the microarchitectural conditions, on both AMD and Intel CPUs, that forces returns to be predicted like indirect branches. We also built the necessary tools to discover locations in the Linux kernel where these conditions are met.

We found that we can inject branch targets that reside inside the kernel address-space, even as an unprivileged user. Even though we cannot access branch targets inside the kernel address-space — branching to such a target results in a page fault — the Branch Prediction Unit will update itself upon observing a branch and assume that it was legally executed, even if it’s to a kernel address.

The researchers further explain in a technical paper on Retbleed that using a precise branch history on Intel CPUs, it is possible to hijack all return instructions that “follow sufficiently-deep call stacks.”

In the case of AMD processors, it is possible to hijack any return instructions if the previous branch destination was chosen correctly during branch poisoning.

PoC in action

The researchers also published a video that shows how Retbleed can be used to leak kernel memory on Intel and AMD processors:

For Intel processors, the vulnerability is tracked as CVE-2022-29901. Intel has released a security advisory recommending the use of Indirect Branch Restricted Speculation (IBRS) instead of retpoline.

IBRS is available by default on Windows systems, so no update is required. Intel worked with the Linux community to create updates that address the Retbleed issue.

For AMD CPUs, Retbleed is tracked as CVE-2022-29900. The company released guidance to mitigate the issue that could lead to the disclosure of sensitive information.

Although ETH Zurich researchers developed a Retbleed proof of concept (PoC) only for Linux, the vulnerability affects other operating systems, too, because it is hardware related.

The technical paper on Retbleed has been published and the researchers will present the vulnerability on August 10 at the Usenix Security conference.

Source: Ionut Ilascu
Via: bleepingcomputer
Tags: New Retbleed speculative execution CPU attack bypasses Retpoline fixes
ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023

Recent News

  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Co-Creation Hub’s edtech accelerator puts $15M towards African startups February 20, 2023
  • Data Leak Hits Thousands of NHS Workers February 20, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version