Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass

Recent research has revealed that certain Intel and AMD CPUs running on Linux are vulnerable to new speculative execution attacks that can bypass existing Spectre mitigations. The affected Intel processors include the 12th, 13th, and 14th generations, as well as the 5th and 6th generation Xeon chips. AMD's older Zen 1, Zen 1+, and Zen 2 architectures are also impacted. These vulnerabilities exploit weaknesses in the Indirect Branch Predictor Barrier (IBPB), a key defense mechanism against speculative execution attacks. Researchers from ETH Zurich demonstrated that these attacks can leak sensitive information, such as root passwords, by manipulating speculative execution processes. Both Intel and AMD were informed of these vulnerabilities in June 2024, with Intel acknowledging the issue and assigning it a CVE identifier. Although Intel has released a microcode fix, it has not been widely implemented across all operating systems. AMD has also confirmed the vulnerability but classified it as a software bug rather than a hardware flaw. The ETH Zurich team is collaborating with Linux kernel maintainers to develop a patch for the affected AMD processors.

- Intel and AMD CPUs on Linux are vulnerable to new Spectre bypass attacks.

- The vulnerabilities affect multiple generations of Intel and AMD processors.

- The attacks exploit weaknesses in the Indirect Branch Predictor Barrier (IBPB).

- Intel has released a microcode fix, but it is not yet widely available.

- AMD classifies the issue as a software bug and has not issued a microcode fix.