Some of the newest Intel chips might be impacted by a severe new security flaw—both Raptor Lake and Alder Lake are susceptible
Experts have discovered a new way to carry out side-channel attacks on some of Intel's latest processors, warning that if users don't protect their devices, they risk losing sensitive data to cybercriminals.
Security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen detail an attack called Indirector, which uses Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) vulnerabilities to bypass chip protection and obtain sensitive data. It is said that Raptor Lake and Lake Elderly are easily influenced by independence.
A patch available IBP is a hardware component that predicts the target address (control current instructions) for indirect branches. Since the address is computed at runtime, the IBP uses a combination of global history and branch address to predict the target address of indirect branches, the researchers explained.
In other words, IBPs are vulnerable and allow the attackers to run Branch Target Injection (BTI) attacks which, in turn, grant them the ability to grab sensitive information directly from the unit. To do this, the researchers created the iBranch Locator tool.
The researchers disclosed their findings to Intel earlier this year, and while the company acknowledged their findings, they said previous fixes also applied to the approach. "Intel reviewed the reports submitted by the academic researchers and determined that the previously provided mitigation guidelines for topics such as IBRS, eIBRS, and BHI are valid for this new study and no new mitigations or guidance is necessary."
Similar to the Specter and Meltdown vulnerabilities of a few years ago, this approach relies on speculative execution. It is a feature most modern CPUs use, where the chips "speculate" on a branch's path and perform instructions prior to improving performance. Lapping of these types of deficiencies usually reduces processors' performance.