Partner with usThis website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
New Cybersecurity Attacks Target High-End Intel Processors
The cybersecurity landscape is constantly evolving, with researchers continuously uncovering new threats and vulnerabilities. In a groundbreaking discovery, researchers have identified a unique cybersecurity attack that targets a specific feature in the branch predictor known as the Path History Register (PHR). Unlike previous attacks that lacked insight into the inner workings of the branch predictor, this new attack exposes a wealth of information with unprecedented precision.
Presented at the prestigious 2024 ACM ASPLOS Conference, the research has prompted industry giants Intel and Advanced Micro Devices to take action. Both companies have responded to the concerns raised by the researchers by issuing security advisories. Intel has released a Security Announcement, while AMD has issued a Security Bulletin to inform users about the potential security risks.
Branch prediction is a critical aspect of modern processor performance optimization, as it allows software to anticipate and navigate different paths based on varying data values. The branch predictor, which relies on past branch histories stored in prediction tables, plays a crucial role in determining the direction of program execution. Previous cybersecurity attacks have exploited this mechanism by analyzing prediction table entries to infer recent branch behaviors at specific addresses.
In their study, researchers have leveraged the Path History Register (PHR) in modern processors to index prediction tables. The PHR records the precise order and addresses of the last 194 taken branches in recent Intel architectures. By developing innovative techniques to capture the PHR, the researchers have demonstrated the ability to not only capture recent branch outcomes but also to uncover the global ordering of all branches, providing a comprehensive view of program execution.
One of the key findings of the study is the researchers' ability to capture sequences of tens of thousands of branches in precise order, allowing them to leak secret information during image processing using widely used libraries such as libjpeg. This level of precision enables attackers to induce intricate patterns of branch mispredictions within victim code, leading to the execution of unintended code paths and potential exposure of confidential data.
Sign up for HardwareBee
Recent Stories
