Retbleed

Retbleed is a speculative execution attack on x86-64 and ARM processors, including some recent Intel and AMD chips. First made public in 2022, it is a variant of the Spectre vulnerability which exploits retpoline, which was a mitigation for speculative execution attacks.

See also: Transient execution CPU vulnerability
Retbleed
CVE identifier(s)CVE-2022-29900, CVE-2022-29901, CVE-2022-28693

According to the researchers Retbleed mitigations require extensive changes to the system which results in up to 14% and 39% performance loss on Linux for affected AMD and Intel CPU respectively. The PoC works against Intel Core 6th, 7th and 8th generation microarchitectures and AMD Zen 1, Zen 1+, and Zen 2 microarchitectures.

An official document from ARM informs that all ARM CPUs affected by Spectre are also affected by Retbleed.

Windows is not vulnerable because the existing mitigations already tackle it. Linux kernels 5.18.14 and 5.19 contain the fixes. The 32-bit Linux kernel, which is vulnerable, will not receive updates to fix the issue.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.