Security researchers have discovered several new variants of the flaw which, while hard to execute, would be difficult to mitigate. To make things worse, none of the present Spectre mitigations can shield against attacks which use the new variants.
Before going public with the data, the investigators warned Intel and AMD of the exploits that would potentially allow hackers to steal information from a system, reports Phoronix. However, as of now, no microcode updates or OS patches are released, and it may only stay that way. That is because the essence of the strikes and their mitigations are convoluted and come with a major caveat.
Based on Tom’s Hardware, the threat could be limited to lead attacks as exploiting micro-ops cache vulnerabilities is extremely hard. Essentially, the malware would have to bypass all other hardware and software security measures that modern systems have.
For CPU manufacturers, among the biggest concerns is going to be the performance impacting mitigation steps outlined by the investigators, including the flushing of their micro-op cache in domain crossings or privilege level-based partitioning of the caches. The paper’s authors claim this mitigation would include”considerably greater performance penalty” than those associated with previous attacks.
The first of the trio of possible exploits is a same thread cross-domain attack that escapes secrets across the consumer kernel boundary. A separate version is based upon a cross-SMT thread attack that communicates keys across two SMT threads through the micro-op cache. The paper also describes”passing execution strikes” that may be utilized”to flow an alcoholic secret accessed along a misspeculated path, before the transient instruction is dispatched to execution.”