New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks

2022-07-19 01:30

With speculative execution attacks remaining a stubbornly persistent vulnerability ailing modern processors, new research has highlighted an "Industry failure" to adopting mitigations released by AMD and Intel, posing a firmware supply chain threat.

"The impact of such attacks is focused on disclosing the content from privileged memory to obtain sensitive data from processes running on the same processor," the firmware protection firm said in a report shared with The Hacker News.

In recent years, implementations of speculative execution, an optimization technique that predicts the outcome and target of branch instructions in a program's execution pipeline, have been deemed susceptible to Spectre-like attacks on processor architectures, potentially enabling a threat actor to leak cryptographic keys and other secrets.

Although recent findings such as Retbleed have conclusively shown that retpoline by itself is insufficient against stopping such attacks in certain scenarios, the latest analysis shows a lack of consistency in even applying these mitigations in the first place.

Intel is also recommending RSB stuffing as a mechanism to thwart buffer underflow attacks like Retbleed, alternatively urging vendors to "Set before RET instructions at risk of underflow due to deep call stacks."

"Firmware supply chain ecosystems are quite complex and often contain repeatable failures when it comes to applying new industry-wide mitigations or fixing reference code vulnerabilities," the researchers said.

News URL

https://thehackernews.com/2022/07/new-study-finds-most-enterprise-vendors.html

#attack #vendors