Spectrology: CPU hardware vulnerabilities in 2019

[harlan4096]

At the 35th Chaos Communications Congress, almost a year after the first publication about the CPU hardware vulnerabilities tagged Meltdown and Spectre, a group of researchers from Graz University of Technology, Austria, spoke about the current state of affairs concerning known CPU hardware vulnerabilities. Spoiler: The past year brought a lot more of them to light.

The essence of Meltdown and Spectre in brief


First, let us recall what Meltdown and Spectre are, and how they differ.

The Meltdown vulnerability appeared because modern CPUs can execute instructions out of order. This is a very convenient feature that does accelerate code processing, but in some cases the CPU happens to process code prone to error, code that shouldn’t be executed at all. That is, first the code is executed by the CPU, and only then does it become apparent that the operation cannot be completed — such situations happen exactly because instructions are executed out of order.

Of course, the results of such operations will not be passed on or used anywhere, and yet they leave traces on the microarchitecture level — in the CPU cache memory. And they can be extracted from there. As a result, the cache can be used to get hold of data that otherwise would be inaccessible: for example, a password. Here’s how it works: A program may request access to data in storage — to which the system will reasonably respond that access is denied for lack of access authorization. But because of the out-of-order execution of operations, the password will still end up in the cache, and from there it can be quite feasibly fished out. In short, Meltdown may occur when attempting to execute an unwarranted action.

Full reading: https://www.kaspersky.com/blog/35c3-spec...019/25268/