SpectreRSB: New attack targets CPU return stack buffers

Updated: The "Spectre class" attack can be used to recover and pull sensitive data from victim machines.

Intel's patches for Spectre variant 4 will slow your CPU Intel's Spectre variant 4 patch will be off by default, but users who turn it on are likely to see slower performance.

A new Spectre-class attack called SpectreRSB has been revealed by researchers.

A team of security experts from the University of California, Riverside (UCR), disclosed the new attack last week in a paper published on Arxiv (.PDF), documenting their findings on the new exploit method.

The technique relies on speculative execution, which is a feature found in many modern CPUs in order to optimize computer performance.

As there is disparity between the potential speed of modern CPUs and memory, speculative execution occurs to keep efficiency at peak levels, but in order to do so, the CPU is employed with running batch instructions.

Once instructions are underway, the CPU does not always check whether or not memory accesses from cache are accessing privileged memory. It is this window of time that can be exploited.

According to the researchers, SpectreRSB takes a slight detour from other, similar attacks. Rather than exploit the branch predictor units of CPUs or CPU cache components, SpectreRSB exploits the Return Stack Buffer (RSB).

The researchers created proof-of-concept (PoC) attacks which can compromise the RSB's usual functions -- the prediction of return addresses of an operation the CPU is trying to complete in advance of instructions, a method used to boost CPU efficiency in modern processors.

The team says they were able to poison this routine, resulting in either mistraining of the branch predictor unit or directly polluting it to force the speculative execution of code. This, in turn, may result in the exposure of the full memory of other processes and hypervisors.

See also: The return of Spectre

In total, three attacks have been described in the paper. The first and second show how the RSB can be manipulated by user code to alter stacks and return address matching, resulting in information leaks. As the RSB is shared among hardware threads that execute on the same virtual processor, such attacks can cause inter-process or even inter-VM pollution of the RSB.

The third attack relates to Intel Software Guard eXtension (SGX) compartments where malicious OSs can pollute the RSB to "cause a misspeculation that exposes data outside an SGX compartment."

"This attack bypasses all software and microcode patches on our SGX machine," the team says. "We believe that SpectreRSB is as a dangerous speculation attack, that in some instances is not mitigated by the primary defenses against Spectre."

The results were reported to Intel, and while attacks have not been demonstrated against AMD or ARM, the academics also reported their findings to these vendors as "they also use RSBs to predict return addresses."

Red Hat is also aware of the research and is investigating the issue.

The security researchers say that "none of the known defenses including Retpoline and Intel's microcode patches stop all SpectreRSB attacks," however, there is the belief that some of the issues may be mitigated.

CNET: A physical key is the secret to Google employees' online security

This does not mean that the report should not be taken seriously, but on its own, it may not require a new slew of security patches.

"SpectreRSB is related to Branch Target Injection (CVE-2017-5715), and we expect that the exploits described in this paper are mitigated in the same manner," an Intel spokesperson told The Register. "We have already published guidance for developers in the whitepaper, Speculative Execution Side Channel Mitigations. We are thankful for the ongoing work of the research community as we collectively work to help protect customers."

TechRepublic: Spectre and Meltdown: Cheat sheet

Chandler Carruth, Software Engineer at Google, said on Twitter:

"Mitigations still can have bugs or be only partially deployed. So researchers, keep hammering. We need to fully understand and test this surface to get to a secure state.

But this (alone) doesn't mean we need totally new mitigation approaches."

Earlier this month, security researchers Vladimir Kiriansky and Carl Waldspurger discovered two other Spectre-style attacks.

Published in an MIT paper, Speculative Buffer Overflows: Attacks and Defenses (.PDF), the researchers documented both security flaws which are described as "speculative execution side-channel attacks."

Dubbed Spectre 1.1 and Spectre 1.2, the former utilizes speculative data stores to create speculative buffer overflows which can bypass original Spectre mitigations, while the latter is able to compromise CPUs which do not enforce read/write protection.

Intel paid Kiriansky $100,000 for the findings.

Update 10.57 GMT: An AMD spokespersons said:

"AMD is aware of a new research paper on processor speculation and a proposed vulnerability in the return stack buffer. AMD believes its recommended Indirect Branch Prediction Barrier (IBPB) setting mitigates against the described vulnerability.

As stated in this AMD Whitepaper, when IBPB is set in software for context switching, the processor enforces that older indirect branches cannot influence predictions of indirect branches in the future, we believe thereby effectively mitigating against the described vulnerability."

ZDNet has reached out to ARM and will update if we hear back.

Previous and related coverage