New Intel CPU side-channel attack Indirector can leak sensitive data

cpu



The researchers notified Intel of their research in February and the company has also notified other hardware and software vendors. The company already a mitigation for Spectre-like attacks in 2018 called the indirect branch predictor barrier (IBPB). While this in theory can be used to mitigate the new Indirector attack techniques, it would have to be used more aggressively than it currently is in practice.

“The default policy in the latest Linux version, termed IBPB: conditional, only activates IBPB during transitions to SECCOMP mode or tasks with restricted indirect branches in the kernel,” the researchers said.

“Consequently, IBPB activation is infrequent in both user and kernel spaces due to the significant performance overhead (up to 50%). It is not a viable mitigation for frequent domain crossings (browsers, sandboxes, and even kernel/user) — plus the fact that the OS does not use it in the most frequent domain transitions by default.”



Source link
lol

The researchers notified Intel of their research in February and the company has also notified other hardware and software vendors. The company already a mitigation for Spectre-like attacks in 2018 called the indirect branch predictor barrier (IBPB). While this in theory can be used to mitigate the new Indirector attack techniques, it would have to…

Leave a Reply

Your email address will not be published. Required fields are marked *