Security News > 2022 > March > Intel, AMD, Arm warn of new speculative execution CPU bugs
Security researchers have found new a new way to bypass existing hardware-based defenses for speculative execution in modern computer processors from Intel, AMD, and Arm.
Today, the three CPU manufacturers have published advisories accompanied by mitigation updates and security recommendations to tackle recently discovered issues that allow leaking of sensitive information despite isolation-based protections.
Vendors have released software-based mitigations such as "Retpoline" that isolate indirect branches from speculative execution.
Researchers at VUSec detail in a technical report today a new method to bypass all existing mitigations by leveraging what they call Branch History Injection.
In parallel news that coincide in disclosure, grsecurity has published the details and a PoC that can leak confidential data from AMD processors via a new straight-line-speculation attack method.
This new variant of SLS affects many AMD chips based on the Zen1 and Zen2 microarchitectures, including EPYC, Ryzen Threadripper, and Ryzen with integrated Radeon Graphics.