Intel’s AMD bug find proves that Spectre is still looming over us
source link: https://www.theverge.com/2022/3/15/22977989/intel-amd-bug-spectre
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Intel’s AMD bug find proves that Spectre is still looming over us
It turns out AMD’s 2018 Spectre patch doesn’t work
By Emma Roth Mar 15, 2022, 9:43am EDT
Illustration by Alex Castro / The Verge
When doing some of its own research, Intel’s security team discovered a flaw in AMD’s years-old patch against Spectre-based vulnerabilities, according to a report by Tom’s Hardware. AMD has since provided an update on its security bulletin in response, where it suggests using an alternate mitigation option and has additional advice for software developers.
Spectre is a type of security flaw affecting nearly all modern Intel and AMD processors that can give attackers access to sensitive data while remaining undetected. Last week, researchers found that Intel and Arm processors are susceptible to a new kind of Spectre v2 attack — although it’s just a proof-of-concept — called Branch History Injection (BHI).
During Intel’s investigation of this new potential vulnerability, Intel examined AMD’s LFENCE/JMP Spectre mitigation that the company has used since 2018. Surprisingly, researchers found that it doesn’t adequately protect against the threat. As noted on AMD’s security bulletin, the newly discovered security hole spans generations of AMD Ryzen processors on both laptops and desktop builds and also affects the second and third-generation Threadrippers. The researchers who found the new flaw performed their exploit on a Linux system and recommended mitigations, including the Retpoline fixes and disabling unprivileged eBPF on Linux systems that don’t already have it disabled. So far, there haven’t been examples of using the exploit on other platforms like Windows.
Patches for Spectre-related vulnerabilities have been known to cause performance issues, especially on older hardware. The folks at benchmarking platform Phoronix tested the impact of the initial patches on both AMD and Intel chips in 2019 and discovered Intel chips are far more likely to be bogged down by performance issues thanks to their patches, while AMD CPUs remain much less affected.
Recommend
-
33
Special cases From the Editor's Desk: Google's looming Pixel 4 disappointment Can Google continue to pretend the normal rules of phone hardware don't apply to it? Alex...
-
38
A fter months of living with the coronavirus pandemic, American citizens are well aware of the toll it has taken on the economy: broken supply chains, record unemployment, failing small businesses. All of these f...
-
2
No Alder Lake here — With Intel 12th-gen CPUs looming, LG’s debut gaming laptop opts for 11th-gen LG's first gaming laptop and Intel's Alder Lake mobile chips are both expecte...
-
6
Intel Fails To Get Spectre, Meltdown Chip Flaw Class-action Suit Tossed Out Become a fan of Slashdot on Facebook
-
8
News Analysis New attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs Though not...
-
6
HP’s new Spectre x360 16 laptop is all-in on Intel The Envys have new chips, too If you buy something from a Verge link, Vox Media may earn a commission....
-
2
HP's angular ultralights return — HP’s new Spectre laptops include options with Intel Arc, less noise HP Spectre laptops try out Intel discrete graphics, boosted webcams, n...
-
3
Netflix is still king when it comes to horror and The Midnight Club proves it
-
11
Intel proves us wrong with big driver update gains, fixes WebView2 black screen issue...
-
6
available in colors other than purple — The 2024 Rolls-Royce Spectre proves EVs make the best luxury cars We drive Rolls-Royce's first electric car, which was...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK