Saturday, May 18, 2024

7 New Meltdown and Spectre Level Vulnerabilities Discovered that Affected ARM, Intel & AMD CPU’s

A team of Researchers discovered 7 New Meltdown and Spectre Level attacks called a sound and extensible systematization of transient execution which includes 2 new Meltdown Attack variants and 5 variants belong to Spectre attack.

All the 7 attacks are affected the 3 major processor vendors Intel, AMD, ARM that allows an attacker to gain access to vulnerable system data.

Among the 7 Attacks, Meltdown-BR exploiting the meltdown effect  x86 bound instruction on Intel and AMD and Meltdown-PK exploiting the Meltdown-type effect on memory protection keys on Intel and other 5 exploiting Spectre-PHT and Spectre-BTB attacks.

Researchers called it as an extensible systematization of transient execution attacks in  microarchitectural level in CPU that leads to exploit transient execution and encode secrets.

Transient Execution Attacks does not influence the architectural state during the execution of transient instructions but it affects the microarchitectural state.

So this attacks will transfer the microarchitectural state into an architectural state in order to exploit these microarchitectural state changes to extract sensitive information.

Two Meltdown & Five Spectre Attacks

Original Meltdown breaks the separation between the user accounts and the operating systems, it allows access to the memory where attacker extract secret information from other programs and operating systems.

This new 2 Meltdown Attacks exploits an x86 bound instruction on Intel and AMD and bypasses memory protection keys on Intel CPUs.

Meltdown-BR attack related to bound range exceeded exception that bypass the bound checks in x86 processors that affected Intel processors ship with Memory Protection eXtensions (MPX) for efficient array bounds checking.

Meltdown-PK Attack attack to bypass both read and write isolation guarantees enforced through memory-protection keys and PKU isolation can be bypassed if an attacker has code execution in the containing process.

Original Spectre breaks the isolation between the applications, it allows an attacker to trick legitimate applications into leaking their secrets.

Spectre attacks involve inducing a victim to speculatively perform operations that would not occur during correct program execution and which leak the victim’s confidential information via a side channel to the adversary.

In this new 5 Spectre attacks exploiting the Pattern History Table mechanism.

  1. Spectre PHT-CA-OP – attack exploits the CPU Pattern History Table (Cross-Address-space Out of Place)
  2. Spectre PHT-CA-IP – attack exploits the CPU Pattern History Table (Same Address-space In Place)
  3. Spectre PHT-SA-OP – attack exploits the CPU Pattern History Table (Same Address-space Out of Place)
  4.  Spectre BTB-SA-IP – attack exploits the CPU Branch Target Buffer (Same Address-space In Place)
  5.  Spectre BTB-SA-OP – attack exploits the CPU Branch Target Buffer (Same Address-space Out of Place)

All the above attacks that affected  Intel, ARM, and AMD. are clearly demonstrated by the group researchers in their Research Paper.

Spoke person from INTEL said, “The vulnerabilities documented in this paper can be fully addressed by applying existing mitigation techniques for Spectre and Meltdown, including those previously documented here, and elsewhere by other chipmakers. Protecting customers continues to be a critical priority for us and we are thankful to the teams at Graz University of Technology, imec-DistriNet, KU Leuven, & the College of William and Mary for their ongoing research.”

According to the researchers, Defenses that require hardware modifications are only evaluated theoretically. In addition, we discuss which vendors have CPUs vulnerable to what type of Spectre- and Meltdown-type attack but that only ARM and Intel acknowledged their findings.


Latest articles

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...

Millions Of IoT Devices Vulnerable To Attacks Leads To Full Takeover

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles