Security researchers have identified a side-channel attack, called 'Indirector,' affecting Intel processors from the 13th and 14th generations.
Side-channel attacks have been around for a long time, and Intel has been the target of some of the most aggressive such attacks discovered by researchers in the past six years. Spectre and Meltdown are infamous for their impact on the CPU industry, so much so that companies had to implement hardware fixes into new processor generations.
"This paper introduces novel high-precision Branch Target Injection (BTI) attacks, leveraging the intricate structures of the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) in high-end Intel CPUs (Raptor Lake and Alder Lake)," explained researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen.
"Leveraging insights from reverse engineering efforts, this research develops highly precise Branch Target Injection (BTI) attacks to breach security boundaries across diverse scenarios, including cross-process and cross-privilege scenarios and uses the IBP and the BTB to break Address Space Layout Randomization (ASLR)," the researchers added.
The research findings were communicated to Intel in February 2024, but how the problem will be fixed remains to be seen. Intel has informed other hardware and software vendors of the issue. More importantly, Intel also says protections already implemented against other side-channel attacks, such as IBRS, eIBRS, and BHI should be enough to protect against “Indirector.”
"Intel reviewed the report submitted by academic researchers and determined previous mitigation guidance provided for issues such as IBRS, eIBRS, and BHI are effective against this new research and no new mitigations or guidance is required," an Intel spokesperson told The Hacker News.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsNovember 14, 2024
September 06, 2024