Analyzing and Exploiting Branch Mispredictions in Microcode
Nicholas Mosier, Hamed Nemati, John C. Mitchell, Caroline Trippel

TL;DR
This paper introduces uSpectre, a novel class of transient execution attacks exploiting microcode branch mispredictions to leak sensitive data, revealing new vulnerabilities and proposing a defense mechanism called uSLH.
Contribution
The paper identifies uSpectre as a new attack class, discovers multiple new uSpectre variants, and proposes a defense mechanism, uSLH, against these vulnerabilities.
Findings
Many known transient attacks are instances of uSpectre on Intel architectures.
Multiple new uSpectre attack variants are discovered.
A defense mechanism, uSLH, is proposed to mitigate uSpectre vulnerabilities.
Abstract
We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were previously categorized as Spectre or Meltdown variants, are actually instances of uSpectre on some Intel microarchitectures. Based on our observations, we discover multiple new uSpectre attacks and present a defense against uSpectre vulnerabilities, called uSLH.
Taxonomy
Topics: Machine Learning and Data Classification · Evolutionary Algorithms and Applications
