Notebookcheck Logo

New Spectre vulnerability affects Intel Alder Lake and ARM processors

Spectre is back. (Image Source: PC Gamer)
Spectre is back. (Image Source: PC Gamer)
The new Spectre variant apparently has no effect on AMD's processors, yet it continues to affect Intel's processors ranging from Haswell up to Alder Lake, whereas ARM's affected products include the Cortex A15 / A57 / A72 cores plus Neoverse server-grade processors models V1, N1 and N2.

The Spectre vulnerability was discovered almost 4 years ago and it seemed to affect processors from intel, AMD and ARM. In the meantime, all of the affected CPU makers have released patches that hindered overall performance to a slight extent, and the latest processor models even have these fixes implemented at a hardware level, yet it looks like Spectre is still alive and kicking in some new form called branch history injection (BHI) as recently reported by VUSec security research group.

This time around, the security issue only affects Intel and ARM processors. The list of affected Intel processors includes the 2013 Haswell all the way up to Ice Lake-SP and the latest Core gen 12 Alder Lake models. On the other hand, ARM’s list features Cortex A15, A57 and A72 mobile cores as well as Neoverse V1, N1 and N2 server-grade processors. Both companies will release fixes as soon as possible, but it remains to be seen if these patches come with slight performance downgrades once again.

VUSec explains that the exploit is only proof-of-concept and not meant to educate nefarious third parties on the existing vulnerabilities. BHI apparently affects all CPUs already vulnerable to Spectre V2 despite implemented fixes like Intel’s eIBRS and ARM’s CSV2. What BHI essentially does is to re-enable previously fixed cross-privilege Spectre V2 exploits by allowing kernel-to-kernel attacks. This way third parties have the possibility to inject predictor entries into the global branch prediction history and leak kernel memory data that could contain sensitive information like passwords and hash codes.

 

Buy the CYBERPOWERPC Gamer Xtreme VR gaming PC with Intel Core i7-12700KF CPU on Amazon

Read all 1 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2022 03 > New Spectre vulnerability affects Intel Alder Lake and ARM processors
Bogdan Solca, 2022-03- 9 (Update: 2022-03-16)