A few years ago, the Spectre and Meltdown attacks made headlines for their impact on Intel and AMD processors. Since then, news about these vulnerabilities has faded as both companies have released patches. However, it appears that similar types of attacks could still pose a threat.
Although not identical to previous vulnerabilities, new findings suggest that similar attacks might target Linux-based operating systems. Even more concerning, newer processor generations from both Intel and AMD seem to be affected.
Researchers at ETH Zurich, Johannes Wikner and Kaveh Razavi, have pointed out that despite various mitigation efforts, Spectre-like attacks are still possible. These attacks exploit the Indirect Branch Predictor Barrier (IBPB) on x86 processors. Modern processors use predictive execution to anticipate and run instructions ahead of time, which boosts performance.
Unfortunately, this predictive process can access sensitive data, potentially allowing hackers to exploit the cache and access confidential information. The researchers explained that under certain conditions, the IBPB defenses can be bypassed.
Intel Fixes, AMD Awaits a Solution
Both Intel and AMD have confirmed the existence of this vulnerability. Intel has already issued a microcode update in March, but not all Linux systems have received the patch. Affected Intel processors include the 12th, 13th, 14th generations and the 5th and 6th generation Xeon chips.
On AMD’s side, the company has acknowledged the issue, classifying it as a software bug rather than a hardware flaw. Affected AMD processors include Zen 1, Zen+, and Zen 2.