Retbleed

By: Anon4 (No.delete@this.example.com), July 14, 2022 5:05 pm
Room: Moderated Discussions
anon2 (anon.delete@this.anon.com) on July 14, 2022 4:29 pm wrote:
> No it wasn't, it was BTB poisoning to influence indirect branches.
> Branch direction forwards or backwads is not relevant.

I've had my head to much on CFI recently.... forward edge, obviously branch direction is not relevant.

> Some CPUs use BTB for return branches in some situations. This is not somehow new nor was unknown at the
> time. It was explicitly called out in a public discussion about the fix several years ago, actually.

And was thought not to be exploitable, some people thought it was exploitable however they could not come up with a practical attack at the time.

Given the mitigation cost no one was going to roll out an expensive speculative (sic) mitigation against an attack which was not thought to be practical at the time. That 'expensive' is in money, performance losses cost real money for the hyperscalers and major ones can make a service economically unviable.
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
Retbleedanonymous22022/07/13 03:14 PM
  Retbleedanon22022/07/13 10:03 PM
    RetbleedAdrian2022/07/14 12:05 AM
    RetbleedAnon42022/07/14 02:17 PM
      Retbleedanon22022/07/14 04:29 PM
        RetbleedAnon42022/07/14 05:05 PM
          Retbleedanon22022/07/14 05:37 PM
            Retbleedanon22022/07/14 06:40 PM
              Retbleeddmcq2022/07/15 04:54 AM
                Retbleedanon22022/07/17 07:17 AM
              RetbleedMichael S2022/07/15 07:08 AM
                RetbleedBen T2022/07/16 05:06 AM
                  RetbleedMichael S2022/07/16 11:41 AM
                    Public cloud infrastructureBen T2022/07/16 04:50 PM
                      Public cloud infrastructureRayla2022/07/16 09:15 PM
                      Public cloud infrastructureme2022/07/17 09:19 AM
                      Public cloud infrastructureBrett2022/07/18 12:38 PM
                        Public cloud infrastructureAdrian2022/07/18 01:19 PM
                          Public cloud infrastructureme2022/07/18 03:54 PM
                          Public cloud infrastructureBrett2022/07/20 03:35 PM
                            Public cloud infrastructureBrett2022/07/21 01:18 PM
                              Public cloud infrastructureinthestratosphere2022/07/21 02:46 PM
                                Public cloud infrastructureBrett2022/07/21 10:38 PM
                                What’s needed for a viable Apple server?Ben T2022/07/22 05:31 AM
                                  What’s needed for a viable Apple server?Michael S2022/07/22 09:09 AM
                                  More DRAM capacity?Mark Roulo2022/07/22 09:48 AM
                                    More DRAM capacity?Doug S2022/07/22 11:05 AM
                                      More DRAM capacity?Mark Roulo2022/07/22 11:20 AM
                                        More DRAM capacity?Doug S2022/07/22 01:48 PM
                                    More DRAM capacity?Wes Felter2022/07/22 04:49 PM
                        Public cloud infrastructureanon22022/07/18 04:25 PM
                      Putting 12 processor packages in a 1U serverBen T2022/07/22 10:02 PM
                        Putting 12 processor packages in a 1U serverrwessel2022/07/23 07:15 AM
                        Putting 12 processor packages in a 1U serverDaniel B2022/07/23 04:15 PM
                          Putting 12 processor packages in a 1U serverBen T2022/07/24 05:29 AM
                            Multi-system cluster design spacePaul A. Clayton2022/07/24 08:49 AM
            RetbleedAnon42022/07/15 03:00 AM
          RetbleedMichael S2022/07/15 06:59 AM
      Retbleed---2022/07/15 11:14 AM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell tangerine? 🍊