this post was submitted on 13 Aug 2023

Oh no.

[–] r00ty@kbin.life 5 points 1 year ago (1 children)

Is that the same as zenbleed or in addition? How easy zenbleed was to test and the kind of information gained was terrifying.

[–] Gsus4@feddit.nl 4 points 1 year ago* (last edited 1 year ago) (1 children)

yea, it's another one https://www.xda-developers.com/amd-inception/ :/

Inception differs from other transient execution attacks by inserting new predictions into the branch predictor during the transient window, creating more powerful transient windows that can be used to overflow the Return Stack Buffer and gain control of the CPU. Mitigating the impact of this attack is apparently challenging.

In the wake of Zenbleed, researchers from ETH Zurich have designed a new class of transient execution attacks, dubbed Training in Transient Execution (TTE). Using TTE, the researchers built an end-to-end exploit called Inception. It can leak kernel memory at a rate of up to 39 bytes per second on AMD Zen 4, and the researchers were able to leak /etc/shadow on a Linux machine in 40 minutes. This file contains hashed user account passwords and is safeguarded by the system, only accessible by the root user. In other words, this exploit is really bad.

[–] r00ty@kbin.life 2 points 1 year ago (1 children)

Damn. I just recently patched up my dedicated box for zenbleed. This seems far worse.

I mean I'm not going to be a high value target. But still, this isn't looking good for either chip maker right now.

[–] ultranaut@lemmy.world 4 points 1 year ago

My understanding is the newest AMD bug is probably not too much of an issue because it's very limited in how much data it can leak at a time and there's no way to target it at specific data so if you wanted to use it to do something like grab a password it's extremely unwieldy and not really practical.