Researchers find new Spectre- and Meltdown-like CPU vulnerability

Bitdefender researchers have found a new CPU vulnerability that allows memory to be tapped through speculative execution. A patch is now available for the vulnerability, which is very similar to previous CPU leaks such as Spectre, Meltdown and Zombieload.

Details of the investigation were presented Tuesday at the Black Hat security conference, which is taking place this week in Las Vegas. The vulnerability lies in speculative execution, an optimization method in which a CPU tries to predict certain tasks or calculations to make the processor faster. If such a prediction turns out to be correct, the calculation can be completed sooner because the data has already been loaded. If the prediction is wrong, the result is discarded. The researchers have found a way to perform a side-channel attack that bypasses memory isolation. This allows an attacker to read sensitive information from kernel memory.

The vulnerability builds on the previous CPU vulnerabilities Spectre and Meltdown, which also used speculative execution to eavesdrop on kernel memory. It is striking that, according to the researchers, the vulnerability circumvents existing security measures that were put in place as a result of those leaks. However, attackers must use advanced malware or already be active on the system to actually exploit the vulnerability.

The vulnerability resides in the SWAPGS instruction on 64-bit CPUs. Bitdefender says it has only tested the vulnerability on post-2012 Intel systems, but several companies say the vulnerability can be found in other and older CPUs. AMD says it is not affected. Bitdefender collaborated with Microsoft and the industry on the investigation. Microsoft has since released a patch, as have Red Hat and Google.