A new side-channel attack called “Indirector” has been discovered, putting unprotected Intel Raptor Lake and Alder Lake CPUs at risk of having sensitive data stolen. The vulnerability is related to the Spectre vulnerabilities that emerged in 2018. Researchers from the University of California, San Diego uncovered the weakness, which targets the indirect branch predictor (IBP) and branch target buffer (BTB) in Intel processors. This type of attack, known as Spectre-V2, takes advantage of branch prediction within the CPU to access confidential information. The researchers are set to present their full findings at the USENIX Security Symposium in August.
Spectre-type vulnerabilities allow attackers to extract data from a CPU through side-channel attacks without being detected by antivirus programs. Branch prediction is a CPU optimization that guesses the outcome of branches, such as if-then structures, before they are resolved, and the speculative work it triggers can leave behind traces of sensitive data such as encryption keys and passwords. Indirector specifically exploits weaknesses in the IBP and BTB components to access this information.
Upon informing Intel about the vulnerability, the company stated that existing mitigation recommendations related to IBRS, eIBRS, and BHI effectively address this new research and no additional measures are necessary. Intel’s Technical Mitigation Guide outlines strategies to combat these types of vulnerabilities, including the use of an indirect branch predictor barrier (IBPB) and enhanced BTB randomization and encryption.
While the recommended strategies provide some level of protection, they are considered imperfect solutions due to potential performance impacts, particularly with IBPB in the Linux kernel. Intel has already implemented some fixes in newer CPU designs. The researchers have also shared a whitepaper detailing the attacks and a GitHub repository containing tools for reverse engineering the vulnerability and demonstrating attack proofs of concept.
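To check whether a Linux host has the mitigations named above enabled, the kernel's Spectre v2 status line can be parsed and compared against them. The following is an added example, not code from the article or the researchers; the sample lines are constructed, and the pass/fail policy in `assess` is an assumption drawn from the IBRS/eIBRS, IBPB and BHI guidance the article cites.

```python
import re
from pathlib import Path

SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")

# Constructed sample status lines in the kernel's reporting format (not captured output).
SAMPLES = {
    "eibrs": "Mitigation: Enhanced / Automatic IBRS; IBPB: conditional; "
             "RSB filling; PBRSB-eIBRS: SW sequence; BHI: BHI_DIS_S",
    "retpoline": "Mitigation: Retpolines; IBPB: disabled; STIBP: disabled; "
                 "RSB filling; BHI: Vulnerable",
    "off": "Vulnerable; IBPB: disabled; STIBP: disabled",
}

def parse_spectre_v2(line):
    """Return (headline state, {field: value}) from one status line."""
    parts = [p.strip() for p in re.split(r"[;,]", line) if p.strip()]
    if not parts:
        return "", {}
    fields = {}
    for part in parts[1:]:
        key, sep, value = part.partition(":")
        fields[key.strip()] = value.strip() if sep else True  # bare flags -> True
    return parts[0], fields

def assess(line):
    """List gaps against the IBRS/eIBRS, IBPB and BHI guidance (assumed policy)."""
    head, fields = parse_spectre_v2(line)
    if head == "Not affected":
        return []
    findings = []
    if not head.startswith("Mitigation:"):
        findings.append("no Spectre v2 mitigation active: " + head)
    elif "IBRS" not in head:
        findings.append("selected mitigation is not IBRS/eIBRS: " + head)
    if fields.get("IBPB", "disabled") == "disabled":
        findings.append("IBPB is disabled")
    bhi = fields.get("BHI")
    if bhi is None:
        findings.append("kernel does not report BHI status")
    elif bhi.startswith("Vulnerable"):
        findings.append("BHI is unmitigated")
    return findings

if __name__ == "__main__":
    lines = {"this host": SYSFS.read_text()} if SYSFS.exists() else SAMPLES
    for name, line in lines.items():
        print(name, "->", assess(line) or "no gaps found")
```

On a machine without the sysfs file the script falls back to the constructed samples, so the output format can be inspected offline.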
In conclusion, the Indirector side-channel attack poses a significant threat to Intel Raptor Lake and Alder Lake CPUs, putting sensitive data at risk of being compromised. Researchers have identified weaknesses in the IBP and BTB components of Intel processors, providing detailed insights into how attackers can exploit these flaws. It is crucial for users to follow mitigation strategies outlined by Intel to protect their systems from potential threats.
Article Source
https://www.tomshardware.com/tech-industry/cyber-security/newer-intel-cpus-vulnerable-to-new-indirector-attack-spectre-style-attacks-risk-stealing-sensitive-data-intel-says-no-new-mitigations-required