Security News > 2024 > April > New Spectre v2 attack impacts Linux systems on Intel CPUs
Researchers have demonstrated the "First native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.
Spectre V2 is a new variant of the original Spectre attack discovered by a team of researchers at the VUSec group from VU Amsterdam.
The new finding underscores the challenges in balancing performance optimization with security, which makes addressing fundamental CPU flaws complicated even six years after the discovery of the original Spectre.
Intel has already assigned CVE-2022-0001 and CVE-2022-0002 to BTI and BHI, respectively, while CVE-2024-2201 involves a new Spectre v2 exploit that works against the Linux kernel.
An exploit demonstrating the new Spectre V2 flaw can be seen in the video below.
Intel has also updated its mitigation recommendations for Spectre v2 and now proposes disabling unprivileged Extended Berkeley Packet Filter functionality, enabling Enhanced Indirect Branch Restricted Speculation, and enabling Supervisor Mode Execution Protection.
News URL
Related news
- Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass (source)
- CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Linux systems targeted with stealthy “Perfctl” cryptomining malware (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)