Recently, the researcher at the University of Lübeck in Germany and Worcester Polytechnic Institute in the US has discovered another speculative execution vulnerability which is impacting Intel processors.
This “Spoiler“, same like Spectre before it, hunt the CPU’s speculative execution engine which predictively guesses upcoming computations to boost the performance.
The Spoiler flaw is completely independent of the Spectre, meaning, the Meltdown and existing mitigations for Spectre have no effect on this new flaw in processors, the research paper explains. This Spoiler flaw is a complicated problem, but the research paper offers a few sorts.
We have discovered a novel microarchitectural leakage which reveals critical information about physical page mappings to user space processes. The leakage can be exploited by a limited set of instructions, which is visible in all Intel generations starting from the 1st generation of Intel Core processors, independent of the OS and also works from within virtual machines and sandboxed environments.
AMD and ARM-based processors were not affected in a way the Intel processors are susceptible, because the researches tested both of these processors too which makes Spoiler flaw unique to Intel. This has found itself reeling after frenzy that was Spectre and Meltdown.
Same like these two flaws, there is no viable software only mitigation. The microarchitecture level changes could help which would come at the cost of performance.
AMD has confirmed that Spoiler flaw does not impact Ryzen processors.
We are aware of the report of a new security exploit called SPOILER which can gain access to partial address information during load operations. We believe that our products are not susceptible to this issue because of our unique processor architecture. The SPOILER exploit can gain access to partial address information above address bit 11 during load operations. We believe that our products are not susceptible to this issue because AMD processors do not use partial address matches above address bit 11 when resolving load conflicts.
When the Spectre was discovered, AMD did have to issue some mitigations for it but that’s not the case for it in Spoiler flaw. But Intel has to continue to analyze their CPU design at the silicon level for improved security in the future.
Get real time update about this post categories directly on your device, subscribe now.