New Spectre-based CPU vulnerability allows guests to steal sensitive data from the cloud
techradar.com
- ETH Zurich researchers found a new Spectre-BTI attack called VMSCAPE that lets a VM steal host data
- It affects cloud setups using KVM/QEMU on AMD and Intel CPUs, bypassing existing defenses
- They propose flushing the branch predictor on VMEXIT as a low-cost fix
If Ghostbusters taught us anything, it’s that spectres are notoriously difficult to get rid of.
Security researchers from the Swiss public university ETH Zurich recently discovered a new Spectre-BTI (Branch Target Injection) attack that allows a malicious virtual machine (VM) to leak sensitive data from the host system without modifying host software.
The research team (Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi) conducted a systematic analysis of branch predictor isolation, targeting environments using KVM/QEMU virtualization on AMD Zen 4 and Zen 5 CPUs.


Copyright of this story solely belongs to techradar.com.