A new Intel processor vulnerability, BranchScope allow attackers compromise sensitive data

A team of four U.S. universities and scholars discovered a new bypass attack, BranchScope, which uses the “speculative execution” function in modern processors to recover data from the user’s CPU.

The “Meltdown” and “Spectre” vulnerabilities that were exposed at the beginning of 2018 also make use of the CPU’s “speculative execution” function. It is worth noting that the security flaws discovered by researchers this time are different from those in the past because of the fact that the BranchScope attack is actually speculating on other parts of the execution process.

The researchers named this new attack method BranchScope because it attacks the “branch prediction” operation. Spectre vulnerabilities variant 2 (CVE-2017-5715) also points to this part of the CPU’s speculative execution flow.

How modern CPUs use the speculative execution and branch prediction mechanisms are explained.

“Branch prediction” refers to the stage in which the CPU decides which operation to compute first, and it attempts to predict the outcome of the computer process as part of the speculative execution optimization function.

BranchScope technology allows the attacker to make this decision instead of the CPU (similar to the “Commander” in the video above). In this way, the attacker can perform speculative execution directly in some areas of the CPU’s memory and leak information that was otherwise inaccessible.

The BranchScope security vulnerability works exactly the same as Spectre variant 2. But unlike Spectre variant 2 for branch target buffers (cache components in branch prediction operations), BranchScope points to the “direct branch predictor”, which is responsible for deciding which “speculative” operation to perform.

Researchers stated that BranchScope is the first bypass attack method for “direction prediction” and that this technique can also be used to retrieve content stored in SGX Enclave. The SGX Enclave has been regarded as an area strictly protected and absolutely untouchable in the Intel CPU.

The research team has conducted field tests on this new bypass attack technology and successfully retrieved data from three new Intel x86-64 processors (Sandy Bridge, Haswell, and Skylake). The team pointed out that the attack was initiated based on user space (without administrator privileges) and the error rate was less than 1%.

Since this is a new type of attack, there are no mitigation measures against the BranchScope attack. The Spectre patch (designed to address TBT-based attack activity) has no effect on BranchScope, but BranchScope can be repaired because researchers have stated that they can use software and hardware-level mitigation measures and provide detailed explanations of these two directions.

At the 23rd ACM Programming Language and Operating System Architecture Support International Conference (ASPLOS 2018), a research paper titled “BranchScope: A New Side-Channel Attack on Directional Branch Predictor” describing this new type of bypass attack was published.

In addition to Meltdown, Spectre, and BranchScope, other recently exposed methods for bypass attacks include SgxSpectre, MeltdownPrime, and SpectrePrime.