Some of the newest Intel processors could be hit by dangerous new security flaw — Raptor Lake and Alder Lake both affected

Celebrity Gig

Experts have discovered a new way to run side-channel attacks on some of the latest processors from Intel, and warned if users don’t secure their devices, they risk losing sensitive data to cyber-criminals.

Security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen detailed an attack they named Indirector, which abuses vulnerabilities found in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) to work around the chip’s defenses and obtain important data. 

It was said that both Raptor Lake and Alder Lake were susceptible to Indirector.

READ ALSO:  Bitcoin miner Core Scientific filing for bankruptcy, will keep mining

A patch is available

IBP is a hardware component that predicts the target addresses of indirect branches (control flow instructions). Since the address is computed at runtime, the IBP uses a combination of global history and branch address to predict the target address of indirect branches, the researchers explained. 

In other words, IBPs are vulnerable and allow the attackers to run Branch Target Injection (BTI) attacks which, in turn, grant them the ability to grab sensitive information directly from the unit. To that end, the researchers built a tool called iBranch Locator. 

READ ALSO:  SVB collapse unlikely to hit fundraising for Southeast Asia startups: VCs

The researchers tipped Intel off on their findings earlier this year, and while the company acknowledged their discovery, they said that previous fixes address this method, too.

“Intel reviewed the report submitted by academic researchers and determined previous mitigation guidance provided for issues such as IBRS, eIBRS, and BHI are effective against this new research and no new mitigations or guidance is required,” a spokesperson for the company told The Hacker News.

Similar to the Spectre and Meltdown vulnerabilities from a few years back, this method also leans on speculative execution. That is a feature that most modern CPUs use, in which the chips “speculate” the path of a branch and execute instructions ahead of time to improve performance. Patching these types of flaws usually reduce the performance of the processors.

Via TheHackerNews

More from TechRadar Pro

Categories

Share This Article
Leave a comment