July 13, 2022, updated 03 Aug 2022 10:29am

Intel and AMD chips open to attack through ‘Retbleed’ vulnerability

Flaw found in many popular processors could allow hackers to steal encryption keys and other credentials.

By Matthew Gooding

A “serious” vulnerability affecting Intel and AMD processors could allow hackers to steal valuable information from the chips. The problem, dubbed ‘Retbleed’, primarily impacts older processors, and mitigating steps that have been put in place by the manufacturers are likely to slow down system speed, say researchers.

A newly discovered vulnerability, Retbleed, impacts many commonly used chips, researchers say. (Photo by Ismed Syahrul/iStock)

A type of ‘Spectre’ vulnerability, Retbleed was discovered by researchers at ETH Zurich university. It leaves traces of valuable information in a system’s memory, where they can potentially be accessed by hackers. Information that is vulnerable could include encryption keys or security-relevant passwords.

“This is especially risky in cloud environments where multiple companies share computer systems,” says a blog post from the academics that discovered the vulnerability, doctoral student Johannes Wikner and Kaveh Razavi, ETH Zurich professor for computer security. “The National Center for Cyber Security in Switzerland considers the vulnerability serious because the affected processors are in use worldwide.”

What is the Retbleed vulnerability?

Spectre vulnerabilities occur when a chip carries out speculative calculations before it knows whether or not they will be needed to perform a function. “In this process, CPUs ‘guess’ which direction to take at a branch and speculatively execute instructions based on their guess,” Razavi says.

This can speed up processing and improve chip performance, and if the instructions are not needed they are deleted by the system. But they can leave traces of information in a machine’s cache, which can be accessed by hackers with the requisite skills.

These vulnerabilities have been known since 2018, and chipmakers have put mitigating steps in place. However, in a research paper published today, Wikner and Razavi show that a particular type of “return instruction” carried out by chips is not covered by these mitigations.

“We have shown that with speculative execution, a particularly large number of return statements are vulnerable and can be hijacked,” Wikner said. “Since the mitigation measures taken so far did not take the return instructions into account, most existing microprocessor computer systems are vulnerable to Retbleed.”

Which Intel and AMD processors are affected by Retbleed?

Attacks on hardware are difficult to execute when compared to software breaches, but can have a big impact. Last month Tech Monitor reported on the Hertzbleed vulnerability, where hackers could measure a chip’s power output to access encrypted information.

The researchers say any Intel processor that is three to six years old, or any AMD processor up to and including the Zen 3, which came out last year, is potentially vulnerable to Retbleed. They have been working with the chipmakers, as well as Microsoft, Oracle, Google and the Linux Foundation, to come up with a fix for the problem.

Intel says it is “not aware of this issue being exploited outside of a controlled lab environment” and says it will release details of how to mitigate the flaw today. AMD has also released a technical advisory about the problem.

In their research paper, Wikner and Razavi analyse Intel and AMD’s early efforts to resolve the problem and note they have an impact on performance. “The current solution is to prevent hackers from influencing the microprocessors’ decision on return destinations,” they write. “Unfortunately, this comes with a substantial performance cost that makes a computer 12-28% slower.”
