Subj : Intel CPUs are still vulnerable to Spectre threats
To   : All
From : TechnologyDaily
Date : Thu Apr 11 2024 12:15:05

Intel CPUs are still vulnerable to Spectre threats

Date:
Thu, 11 Apr 2024 11:00:00 +0000

Description:
Researchers find new ways to grab data from CPUs and they call them InSpectre 
Gadget.

FULL STORY
======================================================================

If security researchers from VU Amsterdam are to be believed, Intels CPUs are 
still vulnerable to Spectre attacks, despite both hardware and software 
mitigations. 

Earlier this week, a team of scientists from the Vrije Universiteit 
Amsterdam, a public research university in The Netherlands, said they 
developed a new technique that allowed them to extract sensitive information 
such as passwords and keys, from vulnerable Intel devices. 

The technique leveraged the same methods as the infamous Spectre attack, 
pulling data from kernel memory and other areas of RAM which shouldnt be 
accessible, all thanks to a feature that predicts what the chip should do 
next. The predictive features goal was to make the device faster. Open source 
effort 

They call the new technique InSpectre Gadget. It looks for gadgets - code 
snippets, even on devices with Spectre protections set up. In a 
demonstration, the researchers said they worked around the FineIBT security 
solution and pulled data from protected kernel memory. 

"We show that our tool can not only uncover new (unconventionally) 
exploitable gadgets in the Linux kernel, but that those gadgets are 
sufficient to bypass all deployed Intel mitigations," the researchers 
explained. "As a demonstration, we present the first native Spectre-v2 
exploit against the Linux kernel on last-generation Intel CPUs, based on the 
recent BHI variant and able to leak arbitrary kernel memory at 3.5 kB/sec." 

The vulnerability is tracked as CVE-2024-2201 and allegedly works against all 
Intel CPUs. 

InSpectre Gadget is an open-source tool, the researchers added. "Our efforts 
led to the discovery of 1,511 Spectre gadgets and 2,105 so-called 'dispatch 
gadgets. The latter are very useful for an attacker, as they can be used to 
chain gadgets and direct speculation towards a Spectre gadget." 

Spectre is a critical vulnerability discovered back in 2018, together with 
the Meltdown flaw. It was said that a mechanism which allowed modern CPUs to 
work faster was leaking sensitive data. Mitigations also resulted in some 
devices working slower. More from TechRadar Pro Spectre returns - Intel and 
ARM-based CPUs hit by serious vulnerability Here's a list of the best 
firewalls around today These are the best endpoint security tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/intel-cpus-are-still-vulnerable-to-spec
tre-threats


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.