• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • eufy Solo IndoorCam C24 (2K, 2-Cam Kit, Plug-in) for $75

    eufy Solo IndoorCam C24  (2K, 2-Cam Kit, Plug-in) for $75
  • eufyCam 2 Pro Add-on Camera for $169

    eufyCam 2 Pro Add-on Camera for $169
  • KyotoUI Pro Version: Lifetime License for $49

    KyotoUI Pro Version: Lifetime License for $49
  • Apple iPad mini 4, 128GB (Refurbished: Wi-Fi Only) for $228

    Apple iPad mini 4, 128GB (Refurbished: Wi-Fi Only) for $228
  • Apple iPad mini 4, 16GB – Gold (Refurbished: Wi-Fi Only) for $170

    Apple iPad mini 4, 16GB – Gold (Refurbished: Wi-Fi Only) for $170
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

New Exploit Bypasses Existing Spectre-V2 Mitigations in Intel, AMD, Arm CPUs

Mar 13, 2022 by iHash Leave a Comment

Spectre-v2

Researchers have disclosed a new technique that could be used to circumvent existing hardware mitigations in modern processors from Intel, AMD, and Arm, and stage speculative execution attacks such as Spectre to leak sensitive information from host memory.

Attacks like Spectre are designed to break the isolation between different applications by taking advantage of an optimization technique called speculative execution in CPU hardware implementations to trick programs into accessing arbitrary locations in memory and thus leak their secrets.

Automatic GitHub Backups

While chipmakers have incorporated both software and hardware defenses, including Retpoline as well as safeguards like Enhanced Indirect Branch Restricted Speculation (eIBRS) and Arm CSV2, the latest method demonstrated by VUSec researchers aims to get around all these protections.

Called Branch History Injection (BHI or Spectre-BHB), it’s a new variant of Spectre-V2 attacks (tracked as CVE-2017-5715) that bypasses both eIBRS and CSV2, with the researchers describing it as a “neat end-to-end exploit” leaking arbitrary kernel memory on modern Intel CPUs.

“The hardware mitigations do prevent the unprivileged attacker from injecting predictor entries for the kernel,” the researchers explained.

“However, the predictor relies on a global history to select the target entries to speculatively execute. And the attacker can poison this history from userland to force the kernel to mispredict to more ‘interesting’ kernel targets (i.e., gadgets) that leak data,” the Systems and Network Security Group at Vrije Universiteit Amsterdam added.

Put differently, a piece of malicious code can use the shared branch history, which is stored in the CPU Branch History Buffer (BHB), to influence mispredicted branches within the victim’s hardware context, resulting in speculative execution that can then be used to infer information that should be inaccessible otherwise.

Prevent Data Breaches

Spectre-BHB renders vulnerable all Intel and Arm processors that were previously affected by Spectre-V2 along with a number of chipsets from AMD, prompting the three companies to release software updates to remediate the issue.

Intel is also recommending customers to disable Linux’s unprivileged extended Berkeley Packet Filters (eBPF), enable both eIBRS and Supervisor-Mode Execution Prevention (SMEP), and add “LFENCE to specific identified gadgets that are found to be exploitable.”

“The [Intel eIBRS and Arm CSV2] mitigations work as intended, but the residual attack surface is much more significant than vendors originally assumed,” the researchers said.

“Nevertheless, finding exploitable gadgets is harder than before since the attacker can’t directly inject predictor targets across privilege boundaries. That is, the kernel won’t speculatively jump to arbitrary attacker-provided targets, but will only speculatively execute valid code snippets it already executed in the past.”

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: AMD, Arm, bypasses, computer security, CPUs, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, data breach, Existing, exploit, hacker news, hacking news, how to hack, information security, intel, Mitigations, network security, ransomware malware, software vulnerability, SpectreV2, the hacker news

Special Offers

  • eufy Solo IndoorCam C24 (2K, 2-Cam Kit, Plug-in) for $75

    eufy Solo IndoorCam C24  (2K, 2-Cam Kit, Plug-in) for $75
  • eufyCam 2 Pro Add-on Camera for $169

    eufyCam 2 Pro Add-on Camera for $169
  • KyotoUI Pro Version: Lifetime License for $49

    KyotoUI Pro Version: Lifetime License for $49
  • Apple iPad mini 4, 128GB (Refurbished: Wi-Fi Only) for $228

    Apple iPad mini 4, 128GB (Refurbished: Wi-Fi Only) for $228
  • Apple iPad mini 4, 16GB – Gold (Refurbished: Wi-Fi Only) for $170

    Apple iPad mini 4, 16GB – Gold (Refurbished: Wi-Fi Only) for $170

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

eufy Solo IndoorCam C24 (2K, 2-Cam Kit, Plug-in) for $75

Jan 28, 2023 By iHash

eufyCam 2 Pro Add-on Camera for $169

Jan 28, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video Vulnerabilities web applications

Latest

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. “A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and […]

The Nominees for the 2023 Cybersecurity Defender of the Year Award in EMEA

The Nominees for the 2023 Cybersecurity Defender of the Year Award in EMEA

Cybersecurity professionals are often perceived as sole practitioners, plying their craft in dimly lit rooms. Nothing could be further from the truth, as one of the keys to being a successful cybersecurity professional is the ability to collaborate and, more importantly, to share knowledge as far and wide as possible. At Cisco, we have formed […]

KyotoUI Pro Version: Lifetime License for $49

Expires January 25, 2123 23:59 PST Buy now and get 50% off KEY FEATURES The KyotoUI Kit was developed with the goal of supporting any web project, resulting in the creation of a block system that supports all use cases. KyotoUI has everything you need in a single file to build modern and simple interfaces. […]

Apple iPad mini 4, 64GB (Refurbished: Wi-Fi Only) for $193

Expires January 27, 2123 23:59 PST Buy now and get 11% off KEY FEATURES Put the power of a PC in the palm of your hand with the Apple iPad Mini 4 Tablet. With iOS 9 and Apple A8 chip in 1.5 GHz processing speeds, this tablet has the power to handle just about any […]

eufy Security SoloCam L40 for $169

Expires January 04, 2123 21:35 PST Buy now and get 0% off KEY FEATURES Capture Every Detail: Clarity is key when it comes to keeping watch over your home. See exactly whats happening in crisp 2K high-definition video. Security That Shines: As soon as the ultra-sensitive motion detector is triggered, the 600-lumen spotlight lights up […]

Introducing approximate nearest neighbor search in Elasticsearch 8.0

Elastic Stack 8.6.1 released | Elastic Blog

Elastic Stack 8.6.1 released English简体中文한국어日本語FrançaisDeutschEspañolPortuguês Version 8.6.1 of the Elastic Stack was released today. We recommend you upgrade to this latest version over the 8.6.0 minor release. The 8.6.1 release addresses a recent Elastic Cloud issue where a rolling restart would fail for some users. For details of the issues that have been fixed and […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT