Head Topics

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs

México Noticias Noticias

New ‘Retbleed’ Attack Can Swipe Key Data From Intel and AMD CPUs
México Últimas Noticias,México Titulares
  • 📰 WIREDBusiness
  • ⏱ Reading Time:
  • 50 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 23%
  • Publisher: 68%

The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations.

Retbleed can leak kernel memory from Intel CPUs at about 219 bytes per second and with 98 percent accuracy. The exploit can extract kernel memory from AMD CPUs with a bandwidth of 3.9 kB per second. The researchers said that it’s capable of locating and leaking a Linux computer’s root password hash from physical memory in about 28 minutes when running the Intel CPUs and in about six minutes for AMD CPUs.

“We found that we can inject branch targets that reside inside the kernel address-space, even as an unprivileged user,” the researchers wrote in a blog post. “Even though we cannot access branch targets inside the kernel address-space—branching to such a target results in a page fault—the Branch Prediction Unit will update itself upon observing a branch and assume that it was legally executed, even if it's to a kernel address.”Both Intel and AMD have responded with advisories.

Both the researchers’ research paper and blog post explain the microarchitectural conditions necessary to exploit Retbleed:. On Intel, returns start behaving like indirect jumps when the Return Stack Buffer, which holds return target predictions, is underflowed. This happens upon executing deep call stacks. In our evaluation we found over a thousand of such conditions that can be triggered by a system call. The indirect branch target predictor for Intel CPUs has been studied in.

Hemos resumido esta noticia para que puedas leerla rápidamente. Si estás interesado en la noticia, puedes leer el texto completo aquí. Leer más:

WIREDBusiness /  🏆 68. in US

México Últimas Noticias, México Titulares

Similar News:También puedes leer noticias similares a ésta que hemos recopilado de otras fuentes de noticias.

New York City nuclear attack PSA: steps people should takeNew York City nuclear attack PSA: steps people should takeNew York City's Office of Emergency Management has issued a public service announcement in case the city is attacked with nuclear weapons.
Leer más »

New 0Day Hack Attack Alert Issued For All Windows UsersNew 0Day Hack Attack Alert Issued For All Windows UsersThis zero-day vulnerability impacts most every version of Windows and Windows Server. Here's what you need to know.
Leer más »

PSA on nuclear attack leaves New York City residents worried, baffledPSA on nuclear attack leaves New York City residents worried, baffledMany New Yorkers were left asking, 'Why now?'
Leer más »



Render Time: 2025-03-11 02:08:10