Researchers at Swiss university ETH Zurich announced a new addition to the Spectre Variant 2 family of bugs affecting Intel and AMD processors.
Spectre made a big splash in the media when first announced in 2018. Since then, several spins on the vulnerability have been discovered and subsequently mitigated. The family works by exploiting the speculative calculations processors use to boost speed by pre-processing multiple possible paths a program might go rather than waiting for the program to choose which one to focus on.
The ETH Zurich vulnerability, discovered by doctoral student Johannes Wikner and professor Kaveh Razavi, focuses on instructions that return a program to the correct place in memory. As such, they dubbed the vulnerability "Retbleed."
Wikner and Razevi will present their paper and proof of concept for Retbleed at USENIX in August. Retbleed potentially impacts three- to six-year-old Intel processors and one- to 11-year-old AMDs.
While Spectre received a lot of attention due to its massive potential impact, attacks never really materialized. They may have been too complex, too publicized and too quickly addressed to ever become a staple of attacker toolboxes.
"Attackers are efficient and always focused on what works most often, fastest and cheapest," said Christopher Budd, senior manager of threat research at Sophos, later adding "attackers have focused on cheaper, easier attack angles."
That does not mean attacks could not materialize if the conditions were right, said Budd.
"Like we saw with SPECTRE — a solid mitigation response is a step in the right direction to prevent attacks. Intel and AMD have advised customers to adopt new mitigations, and today Microsoft released an update for AMD, as well," he said.
Wikner and Razavi tested Linux patches for mitigations needed to address Retbleed and found the resources needed by patched computers ballooned. The AMD and Intel patches tested would add 14% and 39% overhead respectively.