One Spectre/Meltdown Flaw for Every Day of the Week
A team of researchers has found seven new Spectre/Meltdown flaws. In a paper, the researchers wrote: “We present a sound and extensible systematization of transient execution attacks. Our systematization uncovers 7 (new) transient execution attacks that have been overlooked and not been investigated so far.”
These flaws include two new Meltdown variants: Meltdown-PK on Intel, and Meltdown-BR on Intel and AMD. The remaining five flaws are related to Spectre.
“We evaluate all 7 attacks in proof-of-concept implementations on 3 major processor vendors (Intel, AMD, ARM),” said the paper. “Through this systematic evaluation, we discover that we can still mount transient execution attacks that are supposed to be mitigated by rolled out patches.”
The team also suggested mitigation possibilities. “Transient execution attacks use a covert channel to transfer the microarchitectural state change induced by the transient instruction sequence such that it can be observed on an architectural level. One approach in mitigating Spectre-type attacks is to reduce the accuracy,” said the paper.