Intel discovers that there is a problem with the patch released by AMD in response to the CPU vulnerability 'Specter'

When the hardware-level vulnerability ' Specter ' that exists in a wide range of processors was discovered in early 2018, it was pointed out that 'all processors have a problem that both safety and high speed cannot be achieved', and the entire IT industry I was forced to respond . As a countermeasure for such Specter, there was a problem with one of the patches released by AMD in 2018, and it was discovered by Intel's research team that an attack that exploited Specter was possible.

[2203.04277] You Cannot Always Win the Race: Analyzing the LFENCE / JMP Mitigation for Branch Target Injection

Intel Finds Bug in AMD's Specter Mitigation, AMD Issues Fix | Tom's Hardware

Specter is a vulnerability inherent in a wide range of CPUs such as Intel, AMD, and Arm, not limited to specific processors. By exploiting this, unauthorized programs can read and write data in any memory area, and passwords and encryption. You can steal the conversion key. It has also been reported that performance has dropped on CPUs with patches because it is related to ' speculative execution ', which is one of the methods to improve the processing speed of CPUs.

In March 2022, a method called ' BHI (Specter-BHB) ' was discovered that bypasses the previously released Specter patch and enables attacks, and Intel and Arm will distribute more patches. It also became.

Branch History Injection --VUSec

AMD's processors are said to be unaffected by BHI, but new Intel security team STORM researchers have said, 'How to evade AMD's 2018 Specter patch. I reported that I found it. It seems that the problem was discovered in a fix patch called ' LFENCE / JMP ' distributed by AMD in 2018, and it will affect almost all modern AMD processors such as desktop PCs, notebook PCs, processors for data centers.

The research team found a problem with AMD's patch because ecosystem partners are considering using LFENCE / JMP technology for Intel, which needed a new Specter countermeasure approach due to BHI's discovery. It is reported that the request was the trigger. In response to this voice, STORM researchers investigated 'LFENCE / JMP' and found that the defense against attacks that abused Specter was insufficient.

AMD claims that it has not identified any cases of active misuse of the 'LFENCE / JMP' issue in the publicly available security bulletin regarding the issue. He has also released an update that fixes the issue: 'AMD reported this issue and engaged in coordinated disclosure of vulnerabilities for Intel STORM's Ke Sun, Alyssa Milburn, Henrique Kawakami, and Emma. Thanks to Benoit, Igor Chervatyuk, Lisa Aichele and Thais Moreira Hamasaki. '

LFENCE / JMP Mitigation Update for CVE-2017-5715 | AMD

in Hardware,   Security, Posted by log1h_ik