Thought you'd addressed those data-leaking Spectre holes on Linux? Guess again. The patches aren't perfect
In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution.
The Spectre family of flaws involves making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.
"If the victim runs after the attacker the victim becomes vulnerable to Spectre V4."
Linux will also force-disable a Spectre mitigation called Indirect Branch Prediction Barrier - a defense against Branch Target Buffer attacks from Spectre V2 - in certain situations, specifically when STIBP is not available or when Indirect Branch Restricted Speculation is available.
This could make AMD-powered computers running Linux vulnerable since the manufacturer advises using IBPB rather than IBRS or STIBP to defend against Spectre V2. Finally, Steinhauser points out that settings for disabling indirect branch speculation don't work.
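To check which state a given host ended up in, the IBPB and STIBP fields can be read out of the status line the kernel publishes for Spectre V2. This is an added example, not code from the article or from Steinhauser's posts; the function names and the three sample lines are constructed, and the path is the standard Linux sysfs vulnerabilities file.

```shell
#!/bin/sh
# Added example: classify the IBPB/STIBP state Linux reports for Spectre V2.
# Function names and sample lines are constructed for illustration.

SYSFS_V2=/sys/devices/system/cpu/vulnerabilities/spectre_v2

# Print the value of one "NAME: value" field from the status line,
# or "absent" when the kernel did not report that field at all.
# Fields are split on ',' and ';' so either separator is handled.
field_state() {
    # $1 = status line, $2 = field name (IBPB or STIBP)
    value=$(printf '%s\n' "$1" | tr ',;' '\n\n' | sed -n "s/^ *$2: *//p" | head -n 1)
    printf '%s\n' "${value:-absent}"
}

# Print OK when IBPB is in use (always-on or conditional), WARN otherwise,
# followed by the raw IBPB and STIBP values for the record.
assess_v2() {
    ibpb=$(field_state "$1" IBPB)
    stibp=$(field_state "$1" STIBP)
    case "$ibpb" in
        always-on|conditional) verdict=OK ;;
        *) verdict=WARN ;;
    esac
    printf '%s ibpb=%s stibp=%s\n' "$verdict" "$ibpb" "$stibp"
}

# Constructed sample lines in the layout the kernel uses for this file.
SAMPLE_ON='Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling'
SAMPLE_OFF='Mitigation: Full AMD retpoline, IBPB: disabled, STIBP: disabled, RSB filling'
SAMPLE_NONE='Mitigation: Full generic retpoline, RSB filling'

if [ -r "$SYSFS_V2" ]; then
    # Live host: assess the line the running kernel reports.
    assess_v2 "$(cat "$SYSFS_V2")"
else
    # No sysfs entry (non-Linux or old kernel): walk the constructed samples.
    for line in "$SAMPLE_ON" "$SAMPLE_OFF" "$SAMPLE_NONE"; do
        assess_v2 "$line"
    done
fi
```

A WARN result on an AMD host is the case the article singles out, since AMD's guidance relies on IBPB for Spectre V2.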
News URL
https://go.theregister.com/feed/www.theregister.com/2020/06/09/linux_kernel_bugs_spectre/