July 3, 2024 at 06:24AM
Researchers at the University of California San Diego have detailed a new attack method, Indirector, targeting high-end Intel CPUs. The method exploits the Indirect Branch Predictor and Branch Target Buffer, allowing attackers to bypass existing defenses and compromise CPU security. Intel maintains that previously issued mitigations should effectively address the new method.
Based on the meeting notes, the key takeaways are as follows:
– A team of researchers from the University of California San Diego has identified a novel attack method called Indirector, targeting high-end Intel CPUs like Raptor Lake and Alder Lake.
– Indirector is a high-precision BTI attack that exploits the Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) to obtain sensitive data from memory.
– The researchers have developed a tool named iBranch Locator to facilitate IBP and BTB injection attacks.
– Intel claims that previously issued mitigation guidance, such as IBRS, eIBRS, and BHI, is effective against the new Indirector attack method and no new mitigations or guidance are required.
– The researchers have proposed a couple of mitigation measures against Indirector attacks.
Additionally, there are related attacks such as New TikTag Attack targeting Arm CPU security feature, ZenHammer Attack targeting DRAM on systems with AMD CPUs, and the GhostRace Attack impacting major CPU and software vendors.
Please let me know if there’s anything else you need.