Linux kernel developers have successfully addressed Retbleed, the latest Spectre-like speculative execution attack against older AMD and Intel processors, Linus Torvalds wrote in a message to the Linux Kernel Mailing List on Sunday. However, the difficult repair process means there will be a delay of the release for Linux version 5.19 by a week.
“I think we’ve got the retbleed fallout all handled (knock wood),” Torvalds wrote.
The complexity of the fix wasn’t the only reason for the release; there were two other development trees that independently asked for an extension. The other trees that needed the extension involve the btrfs filesystems and firmware for Intel GPU controllers.
“When we’ve had one of those embargoed [hardware] issues pending, the patches didn’t get the open development, and then as a result missed all the usual sanity checking by all the automation build and test infrastructure we have,” Torvalds explained. “So, 5.19 will be one of those releases that have an additional rc8 next weekend before the final release.”
Last week, researchers at ETH Zurich announced the discovery of Retbleed, an addition to the family of speculative execution attacks that began with Meltdown and Spectre. The researchers named the family of these vulnerabilities Spectre-BTI after the attack method: via a branch target injection.
Unlike its siblings, Retbleed does not proceed via indirect jumps or calls, but instead uses return instructions. This is significant because it undermines some of the current Spectre-BTI protections, the researchers wrote.
In response, Intel and AMD issued advisories describing mitigations for CVE-2022-29901 (Intel CPUs) and CVE-2022-2990 (AMD CPUs).
Speculative Execution Exploits Here to Stay
The discovery follows Hertzbleed, discovered in June, which exploited a side-channel flaw in Intel and AMD processors, allowing remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.
The attacks leverage weaknesses in the speculative execution process, a performance optimization technique in modern CPUs.
Other major speculative execution vulnerability exploits uncovered in recent years include Meltdown, Spectre, and SWAPGS.
A team of Google researchers published a deep analysis of the issue back in 2019, positing that chip makers’ focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates.
Some experts believe exploits like Spectre and Meltdown will force customers to make tradeoffs between performance and security of applications. They predict these types of threats will become much more dangerous in cloud and virtual environments.
A 2019 survey from Login VSI found patches negatively impacted performance for a fifth of those who applied them, with at times substantial performance reductions.
