Spectre and Meltdown were disclosed in January 2018 as two vulnerabilities affecting nearly all modern processors, including chips dating back at least two decades. Now researchers have discovered a new flaw, called Spoiler, that affects Intel Core processors and, like Spectre and Meltdown, abuses speculative execution (the performance optimisation in which the processor executes instructions ahead of knowing whether they are needed) to reveal data that should not be accessible without higher privileges. Unlike Spectre and Meltdown, Spoiler targets a different part of the processor: the Memory Order Buffer.
The Memory Order Buffer manages in-flight memory operations (loads and stores) and is tightly integrated with the cache. The attack is described in a new paper titled ‘Spoiler: Speculative load hazards boost Rowhammer and cache attacks’ by researchers from Worcester Polytechnic Institute in Massachusetts and the University of Lübeck in northern Germany. The paper, released this month and first spotted by The Register, explains that Spoiler is not another Spectre variant and that the mitigations Intel introduced last year will not prevent it.
“The root cause for Spoiler is a weakness in the address speculation of Intel’s proprietary implementation of the memory subsystem, which directly leaks timing behavior due to physical address conflicts. Existing Spectre mitigation would therefore not interfere with Spoiler,” the researchers write in the paper.
They note that Spoiler affects only processors designed by Intel; the same weakness could not be exploited to attack ARM or AMD processors. Spoiler, according to the researchers, depends on “a novel microarchitectural leakage, which reveals critical information about physical page mappings to user space processes. The leakage can be exploited by a limited set of instructions, which is visible in all Intel generations starting from the 1st generation of Intel Core processors, independent of the OS, and also works from within virtual machines and sandboxed environments.”