• Login
No Result
View All Result
My Blog
  • Home
  • World
  • Politics
  • Business
  • Science
  • Tech
    There’s So Much More to NFTs and Web3 Than the FTX Crash

    There’s So Much More to NFTs and Web3 Than the FTX Crash

    Why Software Talent Is Still in Demand Despite Tech Layoffs, Downturn and a Potential Recession

    Why Software Talent Is Still in Demand Despite Tech Layoffs, Downturn and a Potential Recession

    Are You Hesitant to Use AR Technology? Here’s Why You Need to Jump on It Now.

    Are You Hesitant to Use AR Technology? Here’s Why You Need to Jump on It Now.

    This Crypto Entrepreneur Has Changed the Way We Think About Blockchain Technology

    This Crypto Entrepreneur Has Changed the Way We Think About Blockchain Technology

    Checklist For Next-Gen Entrepreneurs In Space-tech

    Checklist For Next-Gen Entrepreneurs In Space-tech

    ChatGPT Is Becoming a Game-Changer for Real Estate Agents

    ChatGPT Is Becoming a Game-Changer for Real Estate Agents

    Trending Tags

    • Sillicon Valley
    • Climate Change
    • Election Results
    • Flat Earth
    • Golden Globes
    • MotoGP 2017
    • Mr. Robot
  • Entertainment
    • All
    • Movie
    • Music
    • Sports
    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    The January 6 Hearings Are Fighting for Your Attention

    The January 6 Hearings Are Fighting for Your Attention

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    Big Tech Has Become a Creature of the Swamp

    Big Tech Has Become a Creature of the Swamp

    Sea to Summit Alto TR1 Review: A Fantastic Ultralight Tent

    Sea to Summit Alto TR1 Review: A Fantastic Ultralight Tent

    Prediction Engines Are Like Karma: You Get What You Stream

    Prediction Engines Are Like Karma: You Get What You Stream

    ‘The Quarry’ Lets You Experience What’s Great About Slasher Films

    ‘The Quarry’ Lets You Experience What’s Great About Slasher Films

    Summer Game Fest’s Biggest Announcement? A ‘Last of Us’ Remake

    Summer Game Fest’s Biggest Announcement? A ‘Last of Us’ Remake

  • Lifestyle
    • All
    • Fashion
    • Health
    • Travel
    nurse

    Everything You Need To Know About Nurse Residency

    Drug detox

    Are you the right candidate for medical detox?

    The Benefit of Using Sunscreen Protection

    Gift Ideas for Celebrating a Loved One’s College Acceptance

    What are the major reasons to form gall bladder stones?

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    The January 6 Hearings Are Fighting for Your Attention

    The January 6 Hearings Are Fighting for Your Attention

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    Big Tech Has Become a Creature of the Swamp

    Big Tech Has Become a Creature of the Swamp

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
  • More
    • Directions
  • Home
  • World
  • Politics
  • Business
  • Science
  • Tech
    There’s So Much More to NFTs and Web3 Than the FTX Crash

    There’s So Much More to NFTs and Web3 Than the FTX Crash

    Why Software Talent Is Still in Demand Despite Tech Layoffs, Downturn and a Potential Recession

    Why Software Talent Is Still in Demand Despite Tech Layoffs, Downturn and a Potential Recession

    Are You Hesitant to Use AR Technology? Here’s Why You Need to Jump on It Now.

    Are You Hesitant to Use AR Technology? Here’s Why You Need to Jump on It Now.

    This Crypto Entrepreneur Has Changed the Way We Think About Blockchain Technology

    This Crypto Entrepreneur Has Changed the Way We Think About Blockchain Technology

    Checklist For Next-Gen Entrepreneurs In Space-tech

    Checklist For Next-Gen Entrepreneurs In Space-tech

    ChatGPT Is Becoming a Game-Changer for Real Estate Agents

    ChatGPT Is Becoming a Game-Changer for Real Estate Agents

    Trending Tags

    • Sillicon Valley
    • Climate Change
    • Election Results
    • Flat Earth
    • Golden Globes
    • MotoGP 2017
    • Mr. Robot
  • Entertainment
    • All
    • Movie
    • Music
    • Sports
    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    The January 6 Hearings Are Fighting for Your Attention

    The January 6 Hearings Are Fighting for Your Attention

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    Big Tech Has Become a Creature of the Swamp

    Big Tech Has Become a Creature of the Swamp

    Sea to Summit Alto TR1 Review: A Fantastic Ultralight Tent

    Sea to Summit Alto TR1 Review: A Fantastic Ultralight Tent

    Prediction Engines Are Like Karma: You Get What You Stream

    Prediction Engines Are Like Karma: You Get What You Stream

    ‘The Quarry’ Lets You Experience What’s Great About Slasher Films

    ‘The Quarry’ Lets You Experience What’s Great About Slasher Films

    Summer Game Fest’s Biggest Announcement? A ‘Last of Us’ Remake

    Summer Game Fest’s Biggest Announcement? A ‘Last of Us’ Remake

  • Lifestyle
    • All
    • Fashion
    • Health
    • Travel
    nurse

    Everything You Need To Know About Nurse Residency

    Drug detox

    Are you the right candidate for medical detox?

    The Benefit of Using Sunscreen Protection

    Gift Ideas for Celebrating a Loved One’s College Acceptance

    What are the major reasons to form gall bladder stones?

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    The ‘Dune’ Miniseries Is a Fascinating Piece of History

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    Coinbase Offered Them Dream Jobs—and Then Took Them Away

    The January 6 Hearings Are Fighting for Your Attention

    The January 6 Hearings Are Fighting for Your Attention

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    12 Best Messenger Bags (2022): Crossbody, Slings, Shoulder Bags

    Big Tech Has Become a Creature of the Swamp

    Big Tech Has Become a Creature of the Swamp

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
  • More
    • Directions
No Result
View All Result
My Blog
No Result
View All Result
Home National

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

by lacygibson
July 13, 2022
in National, World
0
New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter


Retbleed can leak kernel memory from Intel CPUs at about 219 bytes per second with 98% accuracy. The exploit can extract kernel memory from AMD CPUs at a bandwidth of 3.9 kB per second. The researchers said it was able to locate and leak a Linux computer’s root password hash from physical memory in about 28 minutes when running on an Intel CPU, compared to about 6 minutes for an AMD CPU.

Retbleed works by using code that basically poisons the branch prediction unit that the CPU relies on to make guesses. Once the poisoning is complete, this BPU makes mispredictions that the attacker can control.

“We found that we could inject branch targets residing within the kernel address space, even as an unprivileged user,” the researchers wrote in a blog post. “Even if we did not have access to branch targets within the kernel address space (branching to Such a target would cause a page fault), the branch prediction unit also updates itself when it observes a branch and assumes it was executed legally, even if it was to a kernel address.”

Intel and AMD respond

Both Intel and AMD have issued announcements in response. Intel has confirmed that the vulnerability exists on Skylake-generation processors, which do not offer a protection called Enhanced Indirect Branch Restricted Speculation (eIBRS).

“Intel has worked with the Linux community and VMM vendors to provide customers with software mitigation guidance that should be available on or around today’s public disclosure date,” Intel wrote in a blog post. “Note that Windows systems are not affected as these systems use Indirect Branch Restricted Speculation (IBRS) by default, which is also a mitigation available to Linux users. Intel is not aware of this issue being exploited outside of a controlled lab environment. “

At the same time, AMD also issued guidelines. “As part of its ongoing work to identify and address new potential security vulnerabilities, AMD recommends that software vendors consider additional measures to help protect against Spectre-like attacks,” a spokesperson wrote in an email. The company also released a white paper.

Both the researcher’s research paper and blog post explain the microarchitectural conditions required to take advantage of Retbleed:

Intel. On Intel, when the return stack buffer holding the return target prediction underflows, returns start to behave like indirect jumps. This happens when executing deep in the call stack. In our evaluation, we found over a thousand such conditions that can be triggered by system calls.The indirect branch target predictor for Intel CPUs has been Previous work.

AMD. On AMD, a return will behave like an indirect branch regardless of the state of its return address stack. In fact, by poisoning the return instruction with an indirect jump, the AMD branch predictor will assume that it will encounter an indirect jump instead of a return, and therefore predict the indirect branch target. This means that any return we can get from a system call can be exploited – and there are many.

In an email, Razavi added: “Retbleed is not just a retpoline bypass for Intel, especially on AMD machines. AMD will actually be releasing a white paper on Branch Type Confusion based on Retbleed. Essentially, Retbleed Confusing return instructions and indirect branches on AMD CPUs. This makes return utilization on AMD CPUs very simple.”

The cost of these mitigations was a 12% to 28% increase in computational overhead measured by the researchers. Organizations relying on affected CPUs should carefully read publications from researchers, Intel, and AMD, and ensure that mitigation guidelines are followed.

This story originally appeared in Ars Technica.

Tags: AMDAttackchipsCPUCPUsdataIntelKeyRetbleedSwipetechnologyVulnerability
lacygibson

lacygibson

Next Post
Amazon Prime Day Deal: Atlas Coffee Club Subscription Is Half-Off Right Now

18 Best Prime Day Deals on Coffee Gear, Subscriptions, and More (2022)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Police Across US Bypass Warrants With Mass Location-Tracking Tool

Police Across US Bypass Warrants With Mass Location-Tracking Tool

5 months ago
Charge Your iPhone Wirelessly with This Fast MagSafe Charger

Charge Your iPhone Wirelessly with This Fast MagSafe Charger

5 months ago

Popular News

    Connect with us

    • Contact
    • Read Latest News Around The World – Frapios
    Write Us at: [email protected]

    Copyright Reserved © 2022

    No Result
    View All Result
    • Home
    • Politics
    • World
    • Business
    • Science
    • National
    • Entertainment
    • Gaming
    • Movie
    • Music
    • Sports
    • Fashion
    • Lifestyle
    • Travel
    • Tech
    • Health
    • Food

    Copyright Reserved © 2022

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In