Researchers have discovered a new method that evades the hardware mitigations in AMD, Intel and Arm processors, leaving them exposed to speculative execution attacks like Spectre that pilfer data from host memory.
Spectre and similar attacks break the isolation between applications by abusing an optimisation technique in CPU hardware called speculative execution. The attack co-opts programs into accessing arbitrary memory locations, leading to data theft.
VUSec researchers demonstrated that the latest method evades all the protections chipmakers have put in place to prevent such attacks. Chipmakers have built software and hardware defences such as Retpoline, Enhanced Indirect Branch Restricted Speculation (eIBRS) and Arm CSV2.
The new variant of Spectre-V2, called Branch History Injection (BHI or Spectre-BHB) and labelled CVE-2017-5715, circumvents both eIBRS and CSV2; the researchers describe it as a “neat end-to-end exploit” that leaks arbitrary kernel memory on modern Intel CPUs.
“The hardware mitigations do prevent the unprivileged attacker from injecting predictor entries for the kernel,” the researchers explained.
“However, the predictor relies on a global history to select the target entries to speculatively execute. And the attacker can poison this history from userland to force the kernel to mispredict to more ‘interesting’ kernel targets (i.e., gadgets) that leak data,” the Systems and Network Security Group at Vrije Universiteit Amsterdam added.
Malicious code can use the shared branch history, housed in the CPU’s Branch History Buffer (BHB), to steer mispredicted branches within the victim’s hardware context; the resulting speculative execution can be used to infer information that should otherwise be inaccessible.
Spectre-BHB affects all the Intel and Arm processors that Spectre-V2 affected previously, as well as many AMD chipsets; as a result, all three companies are releasing software updates to patch the issue.
Intel also recommends that customers disable Linux’s unprivileged extended Berkeley Packet Filter (eBPF), enable both eIBRS and Supervisor-Mode Execution Prevention (SMEP), and add “LFENCE to specific identified gadgets that are found to be exploitable.”
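The first two of Intel’s recommendations can be verified from userspace on a Linux host. The script below is an added example written for this article, not code from VUSec, Intel or any vendor tool: it reads the kernel’s spectre_v2 mitigation report, the unprivileged_bpf_disabled sysctl and the CPU flag list, and reports whether unprivileged eBPF is off, whether eIBRS is the active mitigation, and whether SMEP is available. The file contents shown are constructed samples so the audit runs offline; the LFENCE-in-gadgets recommendation is a kernel source change and cannot be audited this way.

```python
"""Audit a Linux host for the settings Intel's BHI guidance refers to.

Added example, not from the VUSec write-up or any vendor tool.
"""
from __future__ import annotations

import re
from pathlib import Path

# Real sysfs/procfs locations on a Linux host.
SPECTRE_V2_PATH = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")
UNPRIV_BPF_PATH = Path("/proc/sys/kernel/unprivileged_bpf_disabled")
CPUINFO_PATH = Path("/proc/cpuinfo")

# Constructed sample contents (not captured from a real machine) so the
# audit can be run and checked without access to the real files.
SAMPLE_SPECTRE_V2 = "Mitigation: Enhanced IBRS, IBPB: conditional, RSB filling\n"
SAMPLE_UNPRIV_BPF = "2\n"
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse tsc msr pae mce cx8 smep ibrs_enhanced ibpb\n"
)


def unprivileged_bpf_disabled(text: str) -> bool:
    """Sysctl semantics: 0 = unprivileged bpf() allowed; 1 = disabled until
    reboot; 2 = disabled but an admin can re-enable it. Both 1 and 2 satisfy
    the recommendation."""
    return text.strip() in ("1", "2")


def eibrs_active(text: str) -> bool:
    """True when the kernel reports Enhanced IBRS as its spectre_v2 mitigation.
    'Vulnerable', 'Not affected' and retpoline-only reports return False."""
    line = text.strip()
    return line.startswith("Mitigation:") and "Enhanced" in line and "IBRS" in line


def cpu_flags(text: str) -> set[str]:
    """Collect the flag names from the first 'flags' line of /proc/cpuinfo."""
    match = re.search(r"^flags\s*:\s*(.*)$", text, re.MULTILINE)
    return set(match.group(1).split()) if match else set()


def audit(spectre_v2: str, unpriv_bpf: str, cpuinfo: str) -> dict[str, bool]:
    """Evaluate the three checks on the given file contents."""
    flags = cpu_flags(cpuinfo)
    return {
        "unprivileged_ebpf_disabled": unprivileged_bpf_disabled(unpriv_bpf),
        "eibrs_active": eibrs_active(spectre_v2),
        "smep_available": "smep" in flags,
        "eibrs_cpu_flag": "ibrs_enhanced" in flags,
    }


def audit_live() -> dict[str, bool]:
    """Run the audit on the real files; a missing file (non-Linux host or an
    older kernel without the sysfs entry) counts as the check not being met."""

    def read(path: Path) -> str:
        try:
            return path.read_text()
        except OSError:
            return ""

    return audit(read(SPECTRE_V2_PATH), read(UNPRIV_BPF_PATH), read(CPUINFO_PATH))


if __name__ == "__main__":
    # Replace with audit_live() to check the host the script runs on.
    for name, ok in audit(SAMPLE_SPECTRE_V2, SAMPLE_UNPRIV_BPF, SAMPLE_CPUINFO).items():
        print(f"{name:28s} {'ok' if ok else 'MISSING'}")
```

The sample reports every check as satisfied; on a host still running retpolines, or with the sysctl at 0, the corresponding line prints MISSING. The check is intentionally conservative: it only accepts a spectre_v2 line that the kernel itself labels as a mitigation and that names Enhanced IBRS, so a bare “Vulnerable” or a retpoline-only report is never mistaken for eIBRS.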
“The [Intel eIBRS and Arm CSV2] mitigations work as intended, but the residual attack surface is much more significant than vendors originally assumed,” the researchers said.
“Nevertheless, finding exploitable gadgets is harder than before since the attacker can’t directly inject predictor targets across privilege boundaries. That is, the kernel won’t speculatively jump to arbitrary attacker-provided targets, but will only speculatively execute valid code snippets it already executed in the past.”