The issue has shot alert even in the U.S. Congress
CPU manufacturers face two new variations of Specter’s lateral channel attack vulnerabilities, following a series of investigations by experts in enterprise data protection services.
Like its predecessors, these last two vulnerabilities arise during the speculative execution process, with the difference that none of them resolves with recently issued patches and updates.
According to enterprise data protection services experts, the exploitation of variant 1.1 (CVE-2018-3693) may cause the theft of sensitive information, while variant 1.2 (no CVE number yet) can be exploited to overwrite read only data and code pointers in order to breach into the sandboxes.
In addition, researchers warn that no effective analysis is available to generically detect or mitigate the vulnerability Spectre 1.1. On the other hand, the previously established mitigations against Specter-V1 using a speculative barrier could be an effective countermeasure.
Like many of its predecessors, variants 1.1 and 1.2 affect Intel and ARM processors, and most likely AMD processors. Experts in enterprise data protection services refer to Spectre 1.1 as a lesser variant of Spectre 1 that “leverages speculative reserves to create speculative buffer overflows, allowing attackers to access the protected CPU memory. Meanwhile, information security specialists from the International Institute of Cyber Security describe Spectre 1.2 as “a lesser variant of Specter-V1, similar to the Spectre-V3 variant”.
While this is concerning, notices from various groups of information security experts point out that malicious code must already be present in the system so that errors can be exploited, stating that “the complexity and requirement of a previous infection make the exploitation of these vulnerabilities unlikely in the near future”.
In more related news, Greg Walden, president of the Congress Energy and Trade Committee, and John Thune, president of the Senate’s Committee on Trade, Science and Transportation, jointly published a letter expressing concern about how vulnerability disclosure process could be improved.
In the document, legislators ask for consideration of these concerns and updating of recommended policies and procedures for attacking or facing vulnerabilities.