Intel and AMD Vulnerable to New Speculative Execution Attacks 07-14-2022, 02:14 AM
#1
Retpoline didn't work. Intel and AMD are working on it...
Read More: https://arstechnica.com/information-tech...on-attack/
Quote:Some microprocessors from Intel and AMD are vulnerable to a newly discovered speculative execution attack that can covertly leak password data and other sensitive material, sending both chipmakers scrambling once again to contain what is proving to be a stubbornly persistent vulnerability.
Researchers from ETH Zurich have named their attack Retbleed because it exploits a software defense known as retpoline, which was introduced in 2018 to mitigate the harmful effects of speculative execution attacks. Speculative execution attacks, including one known as Spectre, exploit the fact that when modern CPUs encounter a direct or indirect instruction branch, they predict the address for the next instruction they’re about to receive and automatically execute it before the prediction is confirmed. Spculative execution attacks works by tricking the CPU into executing an instruction that accesses sensitive data in memory that would normally be off-limits to a low-privileged application. Retbleed then extracts the data after the operation is canceled.
Read More: https://arstechnica.com/information-tech...on-attack/
![[Image: fSEZXPs.png]](https://i.imgur.com/fSEZXPs.png)
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)
