New Inception Attack Let Attackers Steal Sensitive Data from all AMD Zen CPUs
- С сайта: Vulnerability cybersecuritynews.com
- Вернуться к списку новостей
С сайта: Vulnerability cybersecuritynews.com
Phantom Speculation and Training in Transient Execution are two novel techniques that have been identified to leak arbitrary information from all modern CPUs.
A new technique called “Inception” has emerged from the combination of these methods.
Phantom Speculation can be used to trigger misprediction without any source branches of the misprediction, whereas Training in Transient Execution can be used to manipulate future mispredictions through past mispredictions which are triggered by the attacker.
CVE-2023-20569: Inception: Microarchitectural Stack Overflow This is a novel transient execution attack that leaks arbitrary information on all AMD Zen CPUs with the presence of all the software as well as hardware mitigations.
Inception is an idea in the CPU in the state of “dreaming” resulting in wrong actions based on the previous activities and predictions.
Inception also hijacks the transient control flow of return instructions.
Training in Transient Execution (TTE) Instead of leaking the data in the transient windows, this attack abuses the transient window for inserting new predictions into the branch predictor, making the future transient windows more powerful.
These attacks require specific gadgets in the victim code.
CVE-2022-23825: Phantom Speculation This technique enables an attacker to create a transient window at arbitrary instructions which are followed by XOR instruction which makes the windows behave like a call instruction and allows the attacker to create a transient window.
A complete report has been published by Comsec, which provides detailed information on the technique, method, combination, mitigation, and resource of Inception.
This technique will be presented at the 32nd USENIX Security Symposium this year.
A research
#Cyber_Security_News #Vulnerability #cyber_security #vulnerability
Оригинальная версия на сайте:
New Inception Attack Let Attackers Steal Sensitive Data from all AMD Zen CPUs
Author: EswarPhantom Speculation and Training in Transient Execution are two novel techniques that have been identified to leak arbitrary information from all modern CPUs.
A new technique called “Inception” has emerged from the combination of these methods.
Phantom Speculation can be used to trigger misprediction without any source branches of the misprediction, whereas Training in Transient Execution can be used to manipulate future mispredictions through past mispredictions which are triggered by the attacker.
CVE-2023-20569: Inception: Microarchitectural Stack Overflow This is a novel transient execution attack that leaks arbitrary information on all AMD Zen CPUs with the presence of all the software as well as hardware mitigations.
Inception is an idea in the CPU in the state of “dreaming” resulting in wrong actions based on the previous activities and predictions.
Inception also hijacks the transient control flow of return instructions.
Training in Transient Execution (TTE) Instead of leaking the data in the transient windows, this attack abuses the transient window for inserting new predictions into the branch predictor, making the future transient windows more powerful.
These attacks require specific gadgets in the victim code.
CVE-2022-23825: Phantom Speculation This technique enables an attacker to create a transient window at arbitrary instructions which are followed by XOR instruction which makes the windows behave like a call instruction and allows the attacker to create a transient window.
A complete report has been published by Comsec, which provides detailed information on the technique, method, combination, mitigation, and resource of Inception.
This technique will be presented at the 32nd USENIX Security Symposium this year.
A research
#Cyber_Security_News #Vulnerability #cyber_security #vulnerability
Оригинальная версия на сайте:
