Intel has only just finished patching its CPUs from the past five years against the two major vulnerabilities, Spectre and Meltdown, and AMD has confirmed that the dozen or more vulnerabilities recently disclosed have little impact on it. The calm lasted only a few days.
Four researchers from four US universities, Dmitry Evtyushkin, Ryan Riley, Nael Abu-Ghazaleh, and Dmitry Ponomarev, found that modern CPUs have a high-risk security vulnerability, which has been successfully verified on the Intel Sandy Bridge 2nd generation Core, Haswell 4th generation Core, and Skylake 6th generation Core platforms. The AMD platform is also being tested.
The vulnerability has been named "BranchScope". It is similar to the second variant of the Spectre vulnerability in that it also exploits the branch prediction function in modern CPUs.
The difference is that the second variant of Spectre attacks the branch target buffer, whereas BranchScope targets the directional branch predictor.
The directional branch predictor's role is to determine how predictive operations are performed. If an attacker can successfully mislead it, the CPU can be tricked into reading and propagating data from an otherwise inaccessible memory space.
Worst of all, exploiting this vulnerability requires no prior administrator privileges and can be initiated directly from user space.
Fortunately, unlike the irresponsible CTS-Labs, which made its vulnerabilities public only 24 hours after informing AMD, the researchers informed the hardware vendors very early on, and the details of the vulnerability have only now been disclosed.
On March 29, local time, the researchers will present their results at the 23rd ASPLOS (ASPLOS 2018), a top international conference.