This post is also available in: Italian

Reading Time: 2 minutes

Now that Meltdown and Spectre vulnerabilities are almost fixed, there is a new critical vulnerability for several Intel CPU called BranchScope, discovered by some researchers from four universities.

It’s again a speculative execution issue, in the method a processor uses to predict where its current computational task. By exploiting this flaw, attackers with local access could pull data stored from memory that’s otherwise inaccessible to all applications and users.

The vulnerability is similar to Spectre Variant 2, but BranchScope targets the process that decides which branch the CPU will take next whereas Spectre Variant 2 resides in the cache component associated with branch prediction. Branch prediction units (BPUs) are used to improve the performance of pipelined processors by guessing the execution path of branch instructions. The problem is that when two processes are executed on the same physical CPU core, they share a BPU, potentially allowing a malicious process to manipulate the direction of a branch instruction executed by the targeted application.

The BranchScope attack has been demonstrated on devices with three types of Intel i5 and i7 CPUs based on Skylake, Haswell and Sandy Bridge microarchitectures. Again the latest Intel CPU generation is fully affected by this problem.

Some previous patches can partially mitigate this problem, but new patches (and probably also microcode) should be expected soon.

Note that AMD CPU has also other different types of vulnerabilities.

See also:

Share

Related Posts

  • BranchScope: nuova vulnerabilità dei processori Intel

    Ora che il problema di Meltdown and Spectre è stato quasi del tutto sistemato, compare una nuova criticità su molti processori Intel. Quattro ricercatori di altrettante università, la College of William and Mary, la Carnegie Mellon University, la UC Riverside e la Binghamton University, hanno…

  • Other bugs for AMD's CPU

    Now that Meltdown and Spectre vulnerabilities are almost fixed, there is a new critical vulnerabilities, this time specific only for several AMD CPU. There are 13 critical security vulnerabilities and manufacturer backdoors discovered throughout AMD Ryzen & EPYC product lines. Yes, also the lates AMD CPU models!…

  • Altro bug su CPU Intel: L1 Terminal Fault aka Foreshadow

    Quest'anno sarà ricordato, informaticamente parlando, come dei bug ai microprocessori. Si è iniziato subito ai primi di gennaio con gli annunci dei bug Spectre e Metldown ma poi si è continutato tutto l'anno. Prima per i goffi tentativi di sistemare i bug citati, ma poi…

Virtualization, Cloud and Storage Architect. Tech Field delegate. VMUG IT Co-Founder and board member. VMware VMTN Moderator and vExpert 2010-24. Dell TechCenter Rockstar 2014-15. Microsoft MVP 2014-16. Veeam Vanguard 2015-23. Nutanix NTC 2014-20. Several certifications including: VCDX-DCV, VCP-DCV/DT/Cloud, VCAP-DCA/DCD/CIA/CID/DTA/DTD, MCSA, MCSE, MCITP, CCA, NPP.