Spectre Attacks: Exploiting Speculative Execution

Speculative execution, Branch predictor, Multi-core processor, Rollback, Worst-case execution time
DOI: 10.48550/arxiv.1801.01203
Publication Date: 2018-01-01
ABSTRACT
Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a branch depends on a memory value that is in the process of being read, CPUs will try to guess the destination and attempt to execute ahead. When the memory value finally arrives, the CPU either discards or commits the speculative computation. Speculative logic is unfaithful in how it executes, can access the victim's memory and registers, and can perform operations with measurable side effects. Spectre attacks involve inducing a victim to speculatively perform operations that would not occur during correct program execution and which leak the victim's confidential information via a side channel to the adversary. This paper describes practical attacks that combine methodology from side channel attacks, fault attacks, and return-oriented programming that can read arbitrary memory from the victim's process. More broadly, the paper shows that speculative execution implementations violate the security assumptions underpinning numerous software security mechanisms, including operating system process separation, static analysis, containerization, just-in-time (JIT) compilation, and countermeasures to cache timing/side-channel attacks. These attacks represent a serious threat to actual systems, since vulnerable speculative execution capabilities are found in microprocessors from Intel, AMD, and ARM that are used in billions of devices. While makeshift processor-specific countermeasures are possible in some cases, sound solutions will require fixes to processor designs as well as updates to instruction set architectures (ISAs) to give hardware architects and software developers a common understanding as to what computation state CPU implementations are (and are not) permitted to leak.