Two new Meltdown and Spectre variants discovered
Even though there have been no reports of large-scale attacks that actually exploited the Meltdown and Spectre vulnerabilities in Intel and AMD processors, there is a pronounced feeling of unease among end users, who now want proper hardware fixes instead of rushed and poorly optimized patches that destabilize their systems anyway. Meltdown and Spectre first came to public attention when Google's Project Zero team, together with several academic groups, disclosed them in early January this year: flaws in the processors' speculative execution that let unprivileged code read memory it should not be able to access, including kernel memory and the memory of other processes, where passwords, emails, keys and other sensitive data may reside and which can be used to compromise the rest of the system.
While Intel and AMD are already working to include hardware fixes in their upcoming CPU lineups, researchers from Nvidia and Princeton University dug deeper into the underlying flaws and uncovered two new variants, named "MeltdownPrime" and "SpectrePrime", which they found by automatically synthesizing attacks against a formal model of the hardware rather than by manual experimentation.
The paper "MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols" (arXiv:1802.03802), released on February 11, notes that: "In the context of Spectre and Meltdown, leveraging coherence invalidations enables a Prime+Probe attack to achieve the same level of precision as a Flush+Reload attack and leak the same type of information. By exploiting cache invalidations, MeltdownPrime and SpectrePrime -- two variants of Meltdown and Spectre, respectively -- can leak victim memory at the same granularity as Meltdown and Spectre while using a Prime+Probe timing side-channel. [...] MeltdownPrime and SpectrePrime are caused by write requests being sent out speculatively in a system that uses an invalidation-based coherence protocol." In plain terms: in Flush+Reload the attacker evicts a shared cache line (for example with clflush) and later times a reload of that exact line, whereas in Prime+Probe the attacker fills cache sets with its own data and times its own re-accesses, which normally only reveals which set the victim touched. The Prime variants regain line-level precision because a store, even a speculative one that is later squashed, must first obtain exclusive ownership of its cache line, and on a multi-core system that means sending an invalidation to any other core holding a copy, including the attacker's.
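To make the mechanism in that quote concrete, here is an added toy model, written for this article and not taken from the paper or its authors, of an invalidation-based (MESI-style) coherence protocol with two cores. The attacker primes a small shared buffer into its own cache; the victim, past a mispredicted branch, speculatively stores to an index that depends on a secret. The store is squashed and the buffer never changes, yet the ownership request it already sent has invalidated the attacker's copy of that one line, which is exactly what the attacker's probe observes. The names (run_round, shared_buf, prime, probe) and the hardened-hardware switch that defers the ownership request until the store is no longer speculative are illustrative assumptions; a real attack reads the channel as reload timing instead of inspecting coherence state directly.

```c
/*
 * Toy model of an invalidation-based coherence protocol on two cores,
 * illustrating why a squashed speculative store can still act as a covert
 * channel. Illustrative code only: not the paper's synthesized attacks and
 * not a real timing measurement.
 */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define NCORES 2
#define NLINES 4                 /* lines of a shared buffer the attacker primes */

enum state { INVALID = 0, SHARED, EXCLUSIVE, MODIFIED };

static enum state cache[NCORES][NLINES];   /* per-core coherence state of each line */
static int shared_buf[NLINES];             /* architectural memory the victim stores to */

static void reset(void)
{
    memset(cache, 0, sizeof cache);        /* every copy starts INVALID */
    memset(shared_buf, 0, sizeof shared_buf);
}

/* A load installs the line as SHARED in the requesting core; a remote
 * EXCLUSIVE/MODIFIED copy is downgraded to SHARED. */
static void load(int core, int line)
{
    for (int c = 0; c < NCORES; c++)
        if (c != core && cache[c][line] != INVALID)
            cache[c][line] = SHARED;
    cache[core][line] = SHARED;
}

/* Before a store can write, the core must own the line: an invalidation is
 * sent to every other core holding a copy. In the hardware the paper models,
 * this request goes out while the store is still speculative. */
static void request_ownership(int core, int line)
{
    for (int c = 0; c < NCORES; c++)
        if (c != core)
            cache[c][line] = INVALID;
    cache[core][line] = EXCLUSIVE;
}

/* Attacker step 1 (Prime): pull every line of the shared buffer into the
 * attacker core's cache. */
static void prime(int attacker)
{
    for (int l = 0; l < NLINES; l++)
        load(attacker, l);
}

/* Attacker step 2 (Probe): re-access each line and find the one that is no
 * longer present. Real hardware exposes this as a slow reload; here the
 * coherence state is inspected directly. Returns the missing line or -1. */
static int probe(int attacker)
{
    for (int l = 0; l < NLINES; l++)
        if (cache[attacker][l] == INVALID)
            return l;
    return -1;
}

/* Victim executes shared_buf[secret] = 1. If the store is squashed (it ran
 * past a mispredicted branch), no data is ever written. On vulnerable
 * hardware the ownership request was already sent out speculatively and
 * cannot be recalled; hardened hardware (assumed here) only requests
 * ownership once the store is known to retire. */
static void victim_store(int victim, int secret, bool squashed,
                         bool speculative_stores_request_ownership)
{
    if (speculative_stores_request_ownership || !squashed)
        request_ownership(victim, secret);
    if (!squashed) {                       /* store retires: data becomes visible */
        shared_buf[secret] = 1;
        cache[victim][secret] = MODIFIED;
    }
    /* squashed: data discarded, but any invalidation already sent stays sent */
}

/* One SpectrePrime-style round with a squashed victim store. Returns the
 * index the attacker infers, or -1 if the channel carries nothing. */
int run_round(int secret, bool vulnerable_hw)
{
    const int attacker = 0, victim = 1;
    reset();
    prime(attacker);
    victim_store(victim, secret, /*squashed=*/true, vulnerable_hw);
    return probe(attacker);
}

/* True if the last round changed nothing architecturally. */
bool shared_buf_untouched(void)
{
    for (int l = 0; l < NLINES; l++)
        if (shared_buf[l] != 0)
            return false;
    return true;
}

int main(void)
{
    for (int secret = 0; secret < NLINES; secret++)
        printf("secret=%d  leaked on vulnerable hw=%d  on hardened hw=%d  buffer unchanged=%s\n",
               secret, run_round(secret, true), run_round(secret, false),
               shared_buf_untouched() ? "yes" : "no");
    return 0;
}
```

Build and run with `cc -o prime prime.c && ./prime`. The interesting line of output is the vulnerable-hardware column: the attacker recovers the secret index on every round even though the victim's buffer is never modified, while the hardened model, which only issues the invalidation when the store is guaranteed to retire, leaks nothing.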
The paper reports validating the attacks on Intel Core i7 processors. It is not clear whether the software mitigations already shipped cover these variants explicitly, and, more importantly, Intel and AMD have not confirmed whether the in-silicon fixes due in late 2018 will address them. Because the Prime variants change only the covert channel used to observe speculative execution (Prime+Probe over coherence invalidations instead of Flush+Reload), not the speculative execution itself, the existing software mitigations for Meltdown and Spectre, such as kernel page-table isolation, retpolines and speculation barriers, are in principle applicable to them as well. Hardware mitigation is the open question: a fix that only stops speculative loads from polluting the cache would do nothing about speculative stores sending out coherence invalidations, which is precisely the channel these variants rely on.