This week brought news of a new Spectre BHB vulnerability that only affects Intel and Arm chips, but Intel’s investigation into these new attack routes uncovered another issue: since 2018, one of the mitigations AMD deployed to fix the Spectre vulnerabilities has been broken. STORM, Intel’s security team, discovered the flaw in AMD’s solution. As a result, AMD has published a security bulletin and modified its guidelines to offer an alternative way of mitigating the Spectre vulnerabilities, thus resolving the problem.
As a reminder, the Spectre flaws allow attackers to gain unrestricted and undetectable access to data being processed in a CPU via a side-channel attack that can be carried out remotely. Attackers can steal passwords and encryption keys, among other things, giving them complete access to a system.
Intel’s investigation into AMD’s Spectre fix starts in a roundabout way: despite using the Enhanced Indirect Branch Restricted Speculation (eIBRS) and/or Retpoline mitigations, Intel’s processors were recently found to be vulnerable to Spectre v2-based attacks via a new Branch History Injection variant.
Intel examined other mitigation strategies in search of a fresh approach to repairing the far-flung vulnerability. There are a few other options, but they all come with different levels of performance cost. Intel says its ecosystem partners asked about AMD’s LFENCE/JMP technique. The “LFENCE/JMP” mitigation, often known as “AMD’s Retpoline,” is an alternative to Retpoline.
Intel’s study revealed that the mitigation AMD has been using to patch the Spectre vulnerabilities since 2018 isn’t enough – the processors are still vulnerable. The problem affects practically every recent AMD CPU, including the EPYC series of datacenter chips and nearly the entire Ryzen line for desktop PCs and laptops (second-gen through current-gen).
The paper, titled “You Cannot Always Win the Race: Analyzing the LFENCE/JMP Mitigation for Branch Target Injection,” lists three Intel authors: Alyssa Milburn, Ke Sun, and Henrique Kawakami, all of whom work for Intel’s STORM security team. The abstract briefly summarises the bug the researchers discovered:
“LFENCE/JMP is an existing software mitigation option for Branch Target Injection (BTI) and similar transient execution attacks stemming from indirect branch predictions, which is commonly used on AMD processors. However, the effectiveness of this mitigation can be compromised by the inherent race condition between the speculative execution of the predicted target and the architectural resolution of the intended target, since this can create a window in which code can still be transiently executed. This work investigates the potential sources of latency that may contribute to such a speculation window. We show that an attacker can “win the race”, and thus that this window can still be sufficient to allow exploitation of BTI-style attacks on a variety of different x86 CPUs, despite the presence of the LFENCE/JMP mitigation.”
AMD released a security bulletin (AMD-SB-1026) in response to the STORM team’s findings and research, stating that it is not aware of any currently operational exploits employing the method outlined in the study. AMD also advises customers to use “one of the other published mitigations (V2-1 nicknamed ‘generic retpoline’ or V2-4 aka ‘IBRS’).” The company also revised its Spectre mitigation guidelines [PDF] to reflect the changes.
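Since AMD’s revised guidance is to move from LFENCE/JMP to generic retpoline or IBRS, the practical question for an administrator is which of these the running kernel actually chose. The following shell script is an added example (not from the article, AMD or Intel) that classifies the Spectre v2 status string Linux exposes under `/sys/devices/system/cpu/vulnerabilities/spectre_v2`; it assumes the kernel’s usual wording for that file (for instance “Mitigation: LFENCE” or, on kernels updated after this disclosure, “Vulnerable: LFENCE”) and falls back to a constructed sample line when the file is not present.

```shell
#!/bin/sh
# Added example, not the article's or any vendor's code: report which Spectre v2
# mitigation the Linux kernel applied, and flag the LFENCE/JMP ("AMD retpoline")
# mode that the STORM paper showed can be raced.
# Assumption: the sysfs file below holds one of the kernel's status strings, e.g.
# "Mitigation: LFENCE", "Vulnerable: LFENCE", "Mitigation: Retpolines, ...",
# "Mitigation: Enhanced IBRS, ...", "Not affected" or "Vulnerable".
SPECTRE_V2_SYSFS=/sys/devices/system/cpu/vulnerabilities/spectre_v2

# Constructed sample used when the script runs where the sysfs file is absent.
SAMPLE_STATUS="Vulnerable: LFENCE"

# classify_spectre_v2 STATUS_LINE
# Prints: lfence-jmp | retpoline | ibrs | not-affected | vulnerable | unknown
# LFENCE is matched first so that "Vulnerable: LFENCE" is still reported as
# the LFENCE/JMP mode; Retpoline is matched before IBRS because the retpoline
# line also mentions IBRS_FW.
classify_spectre_v2() {
    case "$1" in
        *LFENCE*)         echo "lfence-jmp" ;;   # mode AMD-SB-1026 steers away from
        *Retpoline*)      echo "retpoline" ;;    # V2-1, "generic retpoline"
        *IBRS*)           echo "ibrs" ;;         # V2-4, IBRS / Enhanced IBRS
        "Not affected")   echo "not-affected" ;;
        Vulnerable*)      echo "vulnerable" ;;
        *)                echo "unknown" ;;
    esac
}

# mitigation_acceptable STATUS_LINE
# Succeeds (exit 0) only when the active mitigation is one AMD's revised
# guidance accepts (retpoline or IBRS) or the CPU is not affected.
mitigation_acceptable() {
    case "$(classify_spectre_v2 "$1")" in
        retpoline|ibrs|not-affected) return 0 ;;
        *) return 1 ;;
    esac
}

# Read the live status if available, otherwise use the constructed sample.
check_host() {
    if [ -r "$SPECTRE_V2_SYSFS" ]; then
        status=$(cat "$SPECTRE_V2_SYSFS")
    else
        status=$SAMPLE_STATUS
    fi
    printf '%s -> %s\n' "$status" "$(classify_spectre_v2 "$status")"
    mitigation_acceptable "$status" || printf 'action needed: switch to retpoline or IBRS\n'
}

check_host
```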