AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Indirector vulnerability discovered in modern Intel CPUs

New Intel CPU security threat: learn how the Indirector attack can compromise your data and key techniques to protect yourself

A new vulnerability called Indirector affects recent Intel processors, exploiting flaws in the IBP and BTB components to access sensitive data. Intel has recommended mitigation measures but they may affect performance. The discovery will be presented at the USENIX Security Symposium.

This pill is also available in Italian language

Researchers have identified a new vulnerability called Indirector that affects Intel's latest processors, including the 12th and 13th generation Alder Lake and Raptor Lake series. This attack exploits flaws in the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) hardware components, aimed at manipulating speculative execution to obtain sensitive data. The discovery was made by three researchers from the University of California, San Diego, who will present the details at the upcoming USENIX Security Symposium scheduled for August. Employing sophisticated injection and prediction techniques, this attack allows you to control the flow of protected processes to extract sensitive information.

The main mechanisms of the Indirector attack

The Indirector attack exploits three main mechanisms for its operation: iBranch Locator, a customized tool that discovers the indexes and tags of the victim branches; IBP/BTB injections, which allow speculative execution of the code through selective injections into prediction structures; and Bypass ASLR, which facilitates control flow manipulation of protected processes by accurately identifying indirect branch locations. Through these mechanisms, Indirector is able to evade protections and gain access to critical data, compromising the security of systems based on these Intel CPUs.

Actions Taken by Intel for Mitigation

Intel was made aware of the Indirector vulnerability in February 2024 and promptly notified hardware and software vendors. To mitigate the risk, several measures have been suggested including intensive use of the Indirect Branch Predictor Barrier (IBPB) and improvement of the Branch Prediction Unit (BPU) through increased tag complexity, use of encryption and randomization. However, implementing these countermeasures may result in significant performance tradeoffs. In particular, aggressive use of IBPB can drastically reduce performance, requiring a careful balance between safety and efficiency.

Implications for Linux systems and conclusions

In Linux operating systems, IBPB is enabled by default during transitions to SECCOMP mode or for tasks with limited indirect branches in the kernel. Despite this, its use is limited due to the impact on performance, which can be up to 50%. This vulnerability once again highlights the need to constantly improve security measures in modern processors, carefully balancing protections against performance losses. It remains essential to monitor future developments and implement timely updates to maintain adequate protection against increasingly sophisticated threats such as Indirector.

Follow us on Google News for more pills like this

07/02/2024 21:16

Marco Verro

Complementary pills

TPM chip vulnerabilities and risks without physical accessTPM chip security under scrutiny: new vulnerabilities and mitigation strategies

New security risks for Intel serversCritical flaw revealed in Intel server processing chips

Last pills

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report

AT&T: data breach discovered that exposes communications of millions of usersDigital security compromised: learn how a recent AT&T data breach affected millions of users

New critical vulnerability discovered in OpenSSH: remote code execution riskFind out how a race condition in recent versions of OpenSSH puts system security at risk: details, impacts and solutions to implement immediately

Discovery of an AiTM attack campaign on Microsoft 365A detailed exploration of AiTM attack techniques and mitigation strategies to protect Microsoft 365 from advanced compromises