
Researchers have devised a new side-channel attack that affects AMD CPUs. The same group of researchers earlier discovered the Spectre and Meltdown vulnerabilities, which created havoc years back and were exploited in the wild.
The new attacks leverage timing and power measurements of prefetch instructions; the experts pointed out that these variations can be observed from unprivileged user space.
We discover timing and power variations of the prefetch instruction that can be observed from unprivileged user space. In contrast to previous work on prefetch attacks on Intel, we show that the prefetch instruction on AMD leaks even more information.
From the researchers' publication.
The researchers demonstrated the first microarchitectural break of the KASLR exploit mitigation on AMD CPUs. They monitored kernel activity and were able to establish a covert channel. The team also demonstrated how to exfiltrate data from kernel memory using simple Spectre gadgets in the Linux kernel.
The flaws are collectively tracked as CVE-2021-26318. According to AMD, the medium-severity flaws impact all of its chips; the rating reflects that there is no direct impact, although data leakage can happen.
The researchers reported their findings to AMD, which acknowledged them and provided feedback. Countermeasures and mitigation strategies for the presented attacks are listed below.
- Page Table Isolation.
- FLARE.
- Prefetch Configuration MSRs.
- Restricting access.