Meet SplitSpectre - a new variant of the attack on processors

Northeastern University specialists, together with IBM Research experts, have unveiled a new variation of the Spectre vulnerability in processors. The flaw can be exploited by running code in the context of the browser.

The team of researchers argues that the new problem also affects the microarchitecture of modern processors and can be used to attack speculative execution. The specialists gave it the code name SplitSpectre; it is a variation of the original Spectre v1 vulnerability, which became known earlier this year.

SplitSpectre differs in how the attack is carried out. According to the experts, the new vulnerability is even easier to use than the original version. For clarity, the researchers published a diagram that shows the difference between the original Spectre v1 (above) and SplitSpectre (below).

According to experts, this attack technically increases the length of the window of speculative execution. Experts managed to successfully attack Intel Haswell, Skylake and AMD Ryzen processors.

In their attacks, they used Firefox's JavaScript engine, SpiderMonkey 52.7.4. The researchers' detailed study can be found at this link (PDF).

Recall that last month Linus Torvalds supported the idea of creating a patch for the Linux kernel designed to limit the protection mechanism against the Spectre Variant 2 attack. % of total processor power.