Two new variants of the Spectre vulnerability discovered

We continue our coverage of processor vulnerabilities. This time, security researchers have found two new vulnerabilities in Intel's processors that are related to the well-known Spectre.

Two new Spectre variants discovered

The new variants of the Spectre class are described as Spectre 1.1 and Spectre 1.2. Spectre 1.1 was described as a bounds check bypass store attack and has been considered the most dangerous. Spectre takes advantage of speculative execution, an optimization technique used by modern CPUs that executes instructions ahead of time based on assumptions considered likely to be true, to potentially expose sensitive data through a side channel by observing the system.

We recommend reading our post on Intel that talks about Spectre and Meltdown, in addition to their processes at 14 nm and 10 nm.

Researchers Vladimir Kiriansky of MIT and Carl Waldspurger of Carl Waldspurger Consulting discovered two sub-variants of Spectre Variant 1. Variant 1.1 is a sub-variant of the original variant 1 that takes advantage of speculative stores to create speculative buffer overflows. This cache buffer overflow problem could allow an attacker to write and execute malicious code that can be exploited to extract data from previously secured CPU memory, including passwords, cryptographic keys and other sensitive information.
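The code pattern behind variant 1.1, shown beside a hardened form, as an added example that is not from the article or from the researchers. The names `store_checked`, `store_masked`, `index_mask` and `BUF_LEN` are hypothetical, and index masking is one commonly used mitigation that the article itself does not discuss.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BUF_LEN 16                 /* constructed sample size */
static uint8_t buf[BUF_LEN];

/* Bounds-checked store. Architecturally safe, but if the branch is
 * mispredicted the store can execute speculatively with idx >= BUF_LEN:
 * the speculative buffer overflow of variant 1.1. */
int store_checked(size_t idx, uint8_t val)
{
    if (idx < BUF_LEN) {
        buf[idx] = val;
        return 1;
    }
    return 0;
}

/* Branch-free mask: all ones when idx < len, zero otherwise.
 * Assumes len <= SIZE_MAX / 2. A compiler is not guaranteed to keep this
 * branch-free; production code uses a toolchain or kernel helper. */
static size_t index_mask(size_t idx, size_t len)
{
    size_t top = (idx | (len - 1 - idx)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return (size_t)0 - (top ^ 1);
}

/* Hardened form: the index is clamped by data flow rather than control
 * flow, so even a mispredicted branch stores inside buf (at buf[0]). */
int store_masked(size_t idx, uint8_t val)
{
    if (idx < BUF_LEN) {
        idx &= index_mask(idx, BUF_LEN);
        buf[idx] = val;
        return 1;
    }
    return 0;
}

int main(void)
{
    printf("in range: %d, out of range: %d\n",
           store_masked(3, 0xAA), store_masked(99, 0xBB));
    return 0;
}
```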

Variant 1.2 depends on lazy PTE enforcement, the same mechanism on which the exploitation of Meltdown is based. This flaw could allow a potential attacker to bypass the read/write PTE flags, eventually allowing them to overwrite read-only data memory, code metadata, and code pointers.

Although ARM has also acknowledged the existence of variant 1.1 in its blog post, the chipmaker has not explicitly mentioned which ARM CPUs are especially vulnerable. As for AMD, it has yet to acknowledge the issues.

Source: The Hacker News