Last year the hardware sector was sent into a tizzy with the discovery of the Spectre/Meltdown vulnerabilities that afflicted most CPUs.

Now, a new flaw has been discovered that appears similar to Spectre/Meltdown, but only affects Intel CPUs.

The flaw has been named Spoiler and it abuses speculative execution in Intel chips. To describe it as simply as possible, speculative execution lets a processor get a head start on work it predicts you will want done in the future while other tasks are still being completed.

This gives users a bit of a performance boost, but as we learned last year, the feature is ripe for exploitation.

Now researchers Saad Islam, Ahmad Moghimi, Ida Bruhns, Moritz Krebbel, Berk Gulmezoglu, Thomas Eisenbarth and Berk Sunar have published a paper which details the Spoiler flaw.

“We introduced Spoiler, a novel approach for gaining physical address information by exploiting a new information leakage due to speculative execution. To exploit the leakage, we used the speculative load behavior after jamming the store buffer. Spoiler can be executed from user space and requires no special privileges,” the researchers explain.

The team goes on to say that it was able to show the impact of the Spoiler flaw using a Rowhammer attack, but things take a scary turn the further you read through the research.

“We further demonstrated the applicability of Spoiler in sandboxed environments by constructing efficient eviction sets from JavaScript, an extremely restrictive environment that usually does not grant any access to physical addresses. Gaining even partial knowledge of the physical address will make new attack targets feasible in browsers even though JavaScript-enabled attacks are known to be difficult to realize in practice due to the limited nature of the JavaScript environment,” the paper reads.

Fixing this flaw could prove problematic, as Ahmad Moghimi told The Register: “My personal opinion is that when it comes to the memory subsystem, it’s very hard to make any changes and it’s not something you can patch easily with a microcode without losing tremendous performance.”

The researcher goes on to say that he doesn’t think a fix will be coming anytime soon; in fact, it could be five years before we see a fix for this.

Intel is aware of the flaw and says that software could be protected “by employing side channel safe development practices”.

“This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research,” Intel said in a statement sent to The Register.
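The practice Intel’s statement refers to, avoiding control flow that depends on the data of interest, is what developers usually call constant-time coding. The following is an added illustration written for this article, not code from the Spoiler paper or from Intel: a secret comparison routine written the leaky way and the side-channel-safe way, plus a branchless select, with all inputs constructed inline.

```c
#include <stddef.h>
#include <stdint.h>

/* Leaky form: returns at the first mismatching byte, so the branch taken,
 * the time spent and what the CPU speculates all depend on the secret. */
int leaky_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (secret[i] != guess[i])   /* control flow depends on secret data */
            return 0;
    }
    return 1;
}

/* Side-channel-safe form: every byte is visited, differences are folded
 * into an accumulator with OR, and the only loop condition is the public
 * length n. Result is reduced to 0 or 1 arithmetically, without a branch. */
int ct_equal(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    /* diff == 0 -> (0 - 1) >> 31 == 1 ; diff in 1..255 -> (diff - 1) >> 31 == 0 */
    return (int)((((uint32_t)diff - 1u) >> 31) & 1u);
}

/* Branchless select: yields a when choose is 1, b when choose is 0.
 * Use this instead of `choose ? a : b` when choose is derived from a secret. */
uint32_t ct_select(uint32_t choose, uint32_t a, uint32_t b)
{
    uint32_t mask = 0u - (choose & 1u);   /* all ones or all zeros */
    return (a & mask) | (b & ~mask);
}

/* Constructed example: verify a 16-byte token against a stored one. */
int demo_token_check(void)
{
    static const uint8_t stored[16]   = "0123456789abcdef";
    static const uint8_t presented[16] = "0123456789abcdeX";   /* last byte differs */
    int ok = ct_equal(stored, presented, sizeof stored);
    /* Pick a status code without branching on the comparison result. */
    return (int)ct_select((uint32_t)ok, 200u, 403u);
}
```

Compilers may reintroduce branches when optimizing; after building, inspect the generated assembly of the constant-time routines before relying on them.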

The solution? Well, you might not like it, but the flaw is not present in AMD or Arm chips, so perhaps it’s time to consider a manufacturer move? Of course Intel could release ways to mitigate the risk, but according to the researchers who discovered the flaw, we might be waiting a while.