Retbleed

By: Anon4 (no.delete@this.example.com), July 14, 2022 2:17 pm
Room: Moderated Discussions
anon2 (anon.delete@this.anon.com) on July 13, 2022 10:03 pm wrote:
> anonymous2 (anonymous2.delete@this.example.com) on July 13, 2022 3:14 pm wrote:
> > https://en.wikipedia.org/wiki/Retbleed
>
> Does not seem to be anything new in hardware just spectre variant 2 software fix in Linux was not complete.

Variant 2 was against forward jump instructions, the mitigation was to turn forward jumps in to returns which are architecturally similar but have a very different effect on the microarchitecture.

This was 'retpoline' retbleed attacks the retpoline itself in a similar way to the way variant 2 attacked jumps. It makes use of the fact that returns start behaving like jumps when certain internal state is overflowed. So this is novel.

Anything which uses retpolines is vulerable and that includes Windows and possibly macOS it's not just a Linux issue.

IBRS and eIRBS basically completely migitate the problem these are available from Coffee Lake R and beyond (Intel called it 9th gen). You will note commerical OSes have been dropping support for older but still relatively recent x86 processors, now you know why.
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
Retbleedanonymous22022/07/13 03:14 PM
  Retbleedanon22022/07/13 10:03 PM
    RetbleedAdrian2022/07/14 12:05 AM
    RetbleedAnon42022/07/14 02:17 PM
      Retbleedanon22022/07/14 04:29 PM
        RetbleedAnon42022/07/14 05:05 PM
          Retbleedanon22022/07/14 05:37 PM
            Retbleedanon22022/07/14 06:40 PM
              Retbleeddmcq2022/07/15 04:54 AM
                Retbleedanon22022/07/17 07:17 AM
              RetbleedMichael S2022/07/15 07:08 AM
                RetbleedBen T2022/07/16 05:06 AM
                  RetbleedMichael S2022/07/16 11:41 AM
                    Public cloud infrastructureBen T2022/07/16 04:50 PM
                      Public cloud infrastructureRayla2022/07/16 09:15 PM
                      Public cloud infrastructureme2022/07/17 09:19 AM
                      Public cloud infrastructureBrett2022/07/18 12:38 PM
                        Public cloud infrastructureAdrian2022/07/18 01:19 PM
                          Public cloud infrastructureme2022/07/18 03:54 PM
                          Public cloud infrastructureBrett2022/07/20 03:35 PM
                            Public cloud infrastructureBrett2022/07/21 01:18 PM
                              Public cloud infrastructureinthestratosphere2022/07/21 02:46 PM
                                Public cloud infrastructureBrett2022/07/21 10:38 PM
                                What’s needed for a viable Apple server?Ben T2022/07/22 05:31 AM
                                  What’s needed for a viable Apple server?Michael S2022/07/22 09:09 AM
                                  More DRAM capacity?Mark Roulo2022/07/22 09:48 AM
                                    More DRAM capacity?Doug S2022/07/22 11:05 AM
                                      More DRAM capacity?Mark Roulo2022/07/22 11:20 AM
                                        More DRAM capacity?Doug S2022/07/22 01:48 PM
                                    More DRAM capacity?Wes Felter2022/07/22 04:49 PM
                        Public cloud infrastructureanon22022/07/18 04:25 PM
                      Putting 12 processor packages in a 1U serverBen T2022/07/22 10:02 PM
                        Putting 12 processor packages in a 1U serverrwessel2022/07/23 07:15 AM
                        Putting 12 processor packages in a 1U serverDaniel B2022/07/23 04:15 PM
                          Putting 12 processor packages in a 1U serverBen T2022/07/24 05:29 AM
                            Multi-system cluster design spacePaul A. Clayton2022/07/24 08:49 AM
            RetbleedAnon42022/07/15 03:00 AM
          RetbleedMichael S2022/07/15 06:59 AM
      Retbleed---2022/07/15 11:14 AM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell tangerine? 🍊