The new three Spectre vulnerabilities were discovered by a team of researchers from the University of California and the University of Virginia. According to their study, the micro-op cache present in the current CPUs like Intel and AMD has recorded vulnerabilities.
They also predicted that a costly performance penalty could happen when the low-level fixes are implemented. Despite strategic procedures to mitigate them, these vulnerabilities can easily infiltrate these processors.
Spectre Vulnerabilities in Intel, AMD's Micro-op Cache
According to a report by Tech Spot, the experts have specifically identified the new vulnerabilities inside the micro-op cache which is present in Intel CPUs (2011 up to the latest) and AMD (2017 up to the latest).
The use of the micro-op cache is to improve the performance of the processors. This is done through the low-level instructions that will appear once the complex instructions are converted into "computable" arithmetic.
Moreover, the poor documentation of the two companies when it comes to the micro-op cache design was also seen by the researchers.
There are also code structures that consist of two types. The researchers considered them as their groundwork for the attack. In particular, these structures are named after two animal groups: zebras and tigers which are located in the micro-op cache.
The former type is notorious for staying in unoccupied locations. Meanwhile, the tiger can emulate the code region's structure. It could also occupy the remaining places so that it could later remove a given code region.
Now combining these two vulnerabilities, they exploit the timing effects of the micro-op cache by having full control over it.
How Do the Vulnerabilities Exploit the System?
In a study entitled "I See Dead µops: Leaking Secrets via Intel/AMDMicro-Op Caches," the researchers referenced the vulnerability to a zebra luring a hungry tiger to the people.
Basically, it exposes the private data that inhibits the micro-op cache. The first type of vulnerability focuses on leaking the information within the same thread's domain.
The second vulnerability is responsible for exploiting the information by leaking them across two threads. The third one triggers exploitations by enabling the two previous attacks which also reveal the information.
"Due to the relatively small size of the micro-op cache, [the new] attack is significantly faster than existing Spectre variants that rely on priming and probing several cache sets to transmit secret information," the experts say.
Furthermore, addressing the new vulnerabilities could also lead to the big performance penalty believed to be greater than the mitigation that the Spectre conducts. An expected error rate could be seen even through the exploitation detection which is said to be the "least" penalizing approach.
Apart from that, flushing and partitioning, the two other methods could lead to the "heavy underutilization of the micro-op cache. To get rid of the risky exploitations of these vulnerabilities, a high level of access is needed, as researchers recommended.
The team also noted that an additional task could be carried out to run a risk assessment of the vulnerabilities. At the time of writing, the two chipmakers, Intel and AMD were notified about the patches that they are creating.
This article is owned by Tech Times
Written by Joseph Henry