Head Topics

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

United States News News

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs
United States Latest News,United States Headlines
  • 📰 WIREDBusiness
  • ⏱ Reading Time:
  • 50 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 23%
  • Publisher: 68%

The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations.

Retbleed can leak kernel memory from Intel CPUs at about 219 bytes per second and with 98 percent accuracy. The exploit can extract kernel memory from AMD CPUs with a bandwidth of 3.9 kB per second. The researchers said that it’s capable of locating and leaking a Linux computer’s root password hash from physical memory in about 28 minutes when running the Intel CPUs and in about six minutes for AMD CPUs.

“We found that we can inject branch targets that reside inside the kernel address-space, even as an unprivileged user,” the researchers wrote in a blog post. “Even though we cannot access branch targets inside the kernel address-space—branching to such a target results in a page fault—the Branch Prediction Unit will update itself upon observing a branch and assume that it was legally executed, even if it's to a kernel address.”Both Intel and AMD have responded with advisories.

Both the researchers’ research paper and blog post explain the microarchitectural conditions necessary to exploit Retbleed:. On Intel, returns start behaving like indirect jumps when the Return Stack Buffer, which holds return target predictions, is underflowed. This happens upon executing deep call stacks. In our evaluation we found over a thousand of such conditions that can be triggered by a system call. The indirect branch target predictor for Intel CPUs has been studied in.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

WIREDBusiness /  🏆 68. in US

United States Latest News, United States Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

New York City nuclear attack PSA: steps people should takeNew York City nuclear attack PSA: steps people should takeNew York City's Office of Emergency Management has issued a public service announcement in case the city is attacked with nuclear weapons.
Read more »

New 0Day Hack Attack Alert Issued For All Windows UsersNew 0Day Hack Attack Alert Issued For All Windows UsersThis zero-day vulnerability impacts most every version of Windows and Windows Server. Here's what you need to know.
Read more »

PSA on nuclear attack leaves New York City residents worried, baffledPSA on nuclear attack leaves New York City residents worried, baffledMany New Yorkers were left asking, 'Why now?'
Read more »



Render Time: 2025-02-24 14:03:42