2 min

The chip vulnerability named Spectre which was first discovered in 2018 is back again. Researchers have found variants of Spectre that affect all modern x86 processors from AMD and Intel.

Researchers from the University of Virginia, and the University of California at San Diego, detailed the three new Spectre vulnerabilities last week.

They were found in the micro-op cache, a feature found in modern CPUs. It is designed to improve the performance of a process by storing low-level instructions that can be fetched in the speculative execution process to predict what functions will be executed.

Micro-op cache

The micro-op cache has been present in Intel processors since 2011 and in AMD chips since 2017, the new Spectre vulnerabilities affect chips from both manufacturers. The new Spectre vulnerabilities allow hackers to subvert the execution process via the micro-op cache and gain access to sensitive data while executing instructions.

The first flaw allows attackers to execute the same thread-cross domain attacks that expose information across the second domain. Vulnerability #2 allows for a cross-SMT threat attack that can gain information from threads running on the same physical core.

The final flaw allows transient execution attacks that can get access through “misspeculated paths.”

Affected devices

Because of the relatively small size of the micro-op cache, an attack is faster than existing Spectre variants that have to prime and probe several cache sets to transmit information incognito.

The researchers said that the new Spectre attacks exhibit more stealth, using the micro-op cache as the only disclosure primitive, allowing for fewer data/instruction cache accesses, let alone misses.

The researchers added that billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced.