Enlarge (credit: Aurich Lawson / Getty Images)
Back at the start of the year, a set of attacks that leveraged the speculative execution capabilities of modern high-performance processors was revealed, with the names Meltdown and Spectre. Since then, numerous variants of these attacks have been devised. In tandem with this, a range of mitigation techniques have been created to enable at-risk software, operating systems, and hypervisor platforms to protect against these attacks.
A research team including many of the original researchers behind Meltdown and Spectre, and the related Foreshadow and BranchScope attacks, has published a new paper disclosing yet more attacks in the Spectre and Meltdown families. The result? Seven new possible attacks. Some are mitigated by known mitigation techniques, but others are not, meaning that further work is required to safeguard vulnerable systems.
The previous investigations into these attacks has been a little ad hoc in nature; examining particular features of interest to provide, for example, a Spectre attack that can be performed remotely over a network, or Meltdown-esque attack to break into SGX enclaves. The new research is more systematic, looking at the underlying mechanisms behind both Meltdown and Spectre and running through all the different ways the speculative execution can be misdirected.