Discovered by security experts a few years ago, malware named Specter and Meltdown have plagued the company by putting the data of millions of Intel users at risk. But now both Intel and Arm are facing a new Specter-type vulnerability.
A number of vulnerabilities exist that manage to infiltrate the processor to run the disallowed code sequence as a security measure. In its latest report, VUSec, a research group collaborating with Intel, has revealed the Specter vulnerability that affects Intel 12th Gen (Alder Lake) and ARM processors.
What is the Specter vulnerability affecting Intel and Arm?
This vulnerability, reported by VUSec, targets a range of processors using the ARM architecture with the latest generation Intel chips. Therefore, the Specter-type threat has the potential to endanger millions of computer and mobile users.
Named Specter-BHB by researchers when it was first discovered, BHI stands for Branch History Injection. According to the researchers’ report, Intel CPUs with BHI have a proof-of-concept vulnerability to infiltrate core memory.
Researchers at Vrije University Amsterdam shared an exploit that allows random data extraction from the processor’s core memory. The danger was deciphered using both the exploit (the program used to expose the vulnerabilities) and the password loaded from the root password file.
In addition to exfiltration from different privilege levels, the vulnerability can also be exploited for attack through the kernel. For example, the content of the kernel memory can be changed using the EBPF program (network traffic technology) downloaded by the user or with the help of the Specter-gadget in the kernel.
Which processors is the Specter-BHB (BHI) vulnerability threatening? The security report
says that all Intel processors released as of 2013 may be affected by this hazard. In addition, 13th Gen Raptor Lake and 14th Gen Meteor Lake are also at risk as they are in production.
On the ARM side, there is a danger for Cortex A15, A57, A72 and Neoverse V1, N1 and N2 cores. However, it is unknown whether Apple and Qualcomm chips are affected by Specter, as they are custom-designed. In the first tests, it is believed that AMD processors are not at risk.
Therefore, both Intel and ARM have to release updates for the vulnerability, but there has been no explanation from the companies on what to do about the vulnerability.
You can share your views on the Intel and Arm Specter vulnerability in the comments section and on the SDN Forum.
29241
