In brief: Hardware vulnerabilities like Spectre, Meltdown, and Downfall have dogged Intel processors for years. A newly uncovered variant of Spectre poses a similar threat, but Intel and the researchers behind the discovery believe that strengthening current security measures should adequately guard against the problem.
Recently published research has exposed a security flaw affecting 12th, 13th, and 14th-generation Intel processors. Similar to Spectre, Meltdown, and Downfall, it could cause the processors to leak sensitive information.
Researchers from the University of California San Diego discovered the attack, dubbed "Indirector." It targets the indirect branch predictor (IBP), a critical component of modern Intel CPUs. As a Spectre V2 attack, it uses Branch Target Injection, which can alter where processors send important information.
Furthermore, the study reveals previously undisclosed information about the workings of the indirect branch predictor, branch target buffer, and Intel security measures like IBPB, IBRS, and STIBP. Reverse engineering has uncovered new vulnerabilities in these processes.
Using a specialized tool, an attacker could insert a multi-target direction path into the IBP, potentially exposing sensitive data. Another method can eject the target user from the IBP and commit a BTB injection attack with a similar result.
More aggressive IBPB implementation could protect against the flaw but may introduce significant performance penalties. The researchers also suggest that Intel tighten its security in other areas in future designs.
Intel told Tom's Hardware that its existing countermeasures, such as IBRS, eIBRS, and BHI, are effective against Indirector, so it will not issue further mitigations. Intel's website hosts detailed explanations of these systems. The researchers plan to reveal more information at the August USENIX Security Symposium.
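For administrators who want to see which of these countermeasures a Linux machine actually has enabled, the kernel reports them in `/sys/devices/system/cpu/vulnerabilities/spectre_v2`. The script below is an added example, not code from the researchers or Intel; it parses that status line, and the sample lines and the wording of the notes are constructed assumptions.

```python
import re
from pathlib import Path

SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")

# Constructed sample lines in the style of the kernel's output (not captured data).
SAMPLES = [
    "Mitigation: Enhanced / Automatic IBRS; IBPB: conditional; RSB filling; BHI: BHI_DIS_S",
    "Mitigation: Retpolines, IBPB: disabled, STIBP: disabled, RSB filling",
    "Vulnerable",
]

def parse_spectre_v2(line):
    """Split the status line into the base mode and the per-feature fields."""
    # Kernels have used both ',' and ';' as the field separator.
    fields = [f.strip() for f in re.split(r"[;,]", line) if f.strip()]
    status = {"base": fields[0] if fields else "", "IBPB": None, "STIBP": None, "BHI": None}
    for field in fields[1:]:
        key, sep, value = field.partition(":")
        if sep and key.strip() in ("IBPB", "STIBP", "BHI"):
            status[key.strip()] = value.strip()
    status["eIBRS"] = "Enhanced" in status["base"]
    return status

def findings(line):
    """Return review notes for the mitigations named in the article."""
    s, notes = parse_spectre_v2(line), []
    if not s["base"].startswith("Mitigation"):
        notes.append("no Spectre v2 mitigation reported: %r" % s["base"])
    if s["IBPB"] in (None, "disabled"):
        notes.append("IBPB not in use on context switch")
    elif s["IBPB"] == "conditional":
        notes.append("IBPB conditional: barrier only for tasks that opted in")
    # In eIBRS mode the line usually has no STIBP field, so its absence is not a gap.
    if not s["eIBRS"] and s["STIBP"] in (None, "disabled"):
        notes.append("STIBP off: SMT siblings can influence each other's predictions")
    return notes

if __name__ == "__main__":
    # Use the live kernel report when present, otherwise the constructed samples.
    lines = [SYSFS.read_text().strip()] if SYSFS.exists() else SAMPLES
    for line in lines:
        print(line)
        for note in findings(line) or ["no gaps in IBPB/STIBP coverage reported"]:
            print("  -", note)
```

A "conditional" IBPB result is the case the researchers' recommendation of more aggressive IBPB use applies to, with the performance cost the article mentions.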
With the discovery of Indirector, every modern Intel processor is now vulnerable to at least one known exploit. Spectre has impacted Blue Team's processors for over a decade, while Downfall affects consumer CPUs from the 6th through 11th generation. Meanwhile, Meltdown impacts Intel, AMD, and Arm systems.
The researchers tested Indirector on Alder Lake and Raptor Lake processors, potentially adding to the issues plaguing the latter. For weeks, users running CPU-intensive processes like games and productivity software have encountered crashes on high-end 13th and 14th-gen Intel chips, and the company has yet to find a permanent solution. In the meantime, Intel instructed affected users to undervolt their CPUs.
Whether Chipzilla can avoid these or similar issues with upcoming generations like Arrow Lake and Panther Lake remains unclear.