Researchers from ETH Zurich have discovered new vulnerabilities in Intel and AMD processors, six years after the Spectre security flaws came to light.
A new variant of Spectre, called “Post-Barrier Spectre,” allows attackers to bypass critical security parameters and access sensitive information, such as hashed passwords, despite prior mitigations designed to prevent such attacks.
The study, conducted by Johannes Wikner and Kaveh Razavi of ETH Zurich, shows a weakness in the Indirect Branch Predictor Barrier (IBPB), a defense mechanism introduced to protect against Spectre v2 attacks. Despite Intel and AMD’s efforts to fix previous vulnerabilities, the researchers were able to bypass IBPB and obtain sensitive data, such as the “hash of the root password from the suid process” on the latest Intel chips.