A “serious” vulnerability affecting Intel and AMD processors could allow hackers to steal valuable information from the chips. The problem, dubbed ‘Retbleed’, primarily impacts older processors, and mitigating steps that have been put in place by the manufacturers are likely to slow down system speed, say researchers.
A type of ‘spectre’ vulnerability, Retbleed was discovered by researchers at ETH Zurich university and sees traces of valuable information left in a system’s memory, where it can potentially be accessed by hackers. Information that is vulnerable could include encryption keys or security-​relevant passwords.
“This is especially risky in cloud environments where multiple companies share computer systems,” says a blog post from the academics that discovered the vulnerability, doctoral student Johannes Wikner and Kaveh Razavi, ETH Zurich professor for computer security. “The National Center for Cyber Security in Switzerland considers the vulnerability serious because the affected processors are in use worldwide.”
What is the Retbleed vulnerability?
Spectre vulnerabilities occur when a chip carries out speculative calculations before it knows whether or not they will be needed to perform a function. “In this process, CPUs ‘guess’ which direction to take at a branch and speculatively execute instructions based on their guess,” Razavi says.
This can speed up processing and improve chip performance, and if the instructions are not needed they are deleted by the system. But they can leave traces of information in a machine’s cache, which can be accessed by hackers with the requisite skills.
These vulnerabilities have been known since 2018, and chipmakers have put mitigating steps in place. However, in a research paper published today, Wikner and Razavi show that a particular type of “return instruction” carried out by chips is not covered by these mitigations.
“We have shown that with speculative execution, a particularly large number of return statements are vulnerable and can be hijacked,” Wikner said. “Since the mitigation measures taken so far did not take the return instructions into account, most existing microprocessor computer systems are vulnerable to Retbleed.”
Which Intel and AMD processors are affected by Retbleed?
Attacks on hardware are difficult to execute when compared to software breaches, but can have a big impact. Last month Tech Monitor reported on the Hertzbleed vulnerability, where hackers could measure a chip’s power output to access encrypted information.
The researchers say any Intel processor that is three-to-six years old, or any AMD processor up to and including the Zen 3 which came out last year, are potentially vulnerable to Retbleed. They have been working with the chipmakers, as well as Microsoft, Oracle, Google and the Linux Foundation to come up with a fix for the problem.
Intel says it is “not aware of this issue being exploited outside of a controlled lab environment” and says it will release details of how to mitigate the flaw today. AMD has also released a technical advisory about the problem.
In their research paper, Wikner and Razavi analyse Intel and AMD’s early efforts to resolve the problem and note they have an impact on performance. “The current solution is to prevent hackers from influencing the microprocessors’ decision on return destinations,” they write. “Unfortunately, this comes with a substantial performance cost that makes a computer 12-28% slower.”
Tech Monitor is hosting a roundtable in association with Intel vPro on how to integrate security into operations. For more information, visit NSMG.live.