The VUSec safety analysis group and Intel reported one other Specter-class vulnerability referred to as department historical past injection (BHI) on Tuesday. The brand new vulnerability impacts all Intel processors and sure ARM cores launched lately, together with the newest twelfth Gen Alder Lake CPUs. Alternatively, it’s estimated that AMD’s chips aren’t affected by this vulnerability.
BHI is a proof-of-concept assault that impacts CPUs which are already susceptible to exploiting Specter V2 vulnerabilities, however for which all mitigation measures are already in place. Based on Phoronix, the brand new exploit can circumvent Intel’s eIBRS and ARM’s CSV2 measures. Consequently, random kernel reminiscence on sure CPUs could be leaked, doubtlessly revealing confidential info, together with passwords.
All of Intel’s processors, beginning with Haswell (launched in 2013) to the newest Ice Lake-SP and Alder Lake, are negatively impacted by this vulnerability. Nevertheless, the blue staff is about to launch a software program patch that may mitigate the issue.
As well as, many cores from ARM are affected, together with Cortex A15, A57, A72, in addition to Neoverse V1, N1 and N2. The corporate is anticipated to take measures and launch software program updates for these cores.