/* ---- Google Analytics Code Below */

Saturday, August 13, 2022

'Retbleed' Speculative Execution Attack

Brought to my attention last week.    Notably Cloud aspects.  

'Retbleed' Speculative Execution Attack Affects AMD, Intel CPUs

By The Hacker News, July 18, 2022

The most serious attack vector for Retbleed is likely through cloud platforms such as Azure, AWS, and Google Cloud Platform, each of which operate massive numbers of servers.

The "Retbleed" flaw discovered by Johannes Wikner and Kaveh Razavi at ETH Zurich in Switzerland targets older AMD and Intel central processing units as a channel for Spectre-based speculative-execution attacks.

Retbleed is engineered to circumvent "return trampoline" (Retpoline) branch target injection countermeasures.

"Retbleed aims to hijack a return instruction in the kernel to gain arbitrary speculative code execution in the kernel context," explained Wikner and Razavi. "With sufficient control over registers and/or memory at the victim return instruction, the attacker can leak arbitrary kernel data."

To mitigate the potential threat, AMD has unveiled Jmp2Ret, while Intel has recommended employing enhanced Indirect Branch Restricted Speculation, even if Retpoline mitigations are implemented.

From The Hacker News

View Full Article   


No comments: