Detail new architectural CPU bugs

- Detail Downfall attacks
- Detail Inception & Phantom attacks
Than Harrison 2023-08-09 12:39:33 -04:00 committed by nopenothinghere
parent c23dd99036
commit 57698e248d
Signed by untrusted user who does not match committer: nope
GPG Key ID: 21AB6B6A6CB2C337
1 changed files with 2 additions and 0 deletions

@ -12412,6 +12412,8 @@ Model-specific registers (MSRs) and their configuration bits can also be detecte
- [SQUIP](https://www.nextplatform.com/2022/08/11/squip-side-channel-attack-rattles-amds-zen-cores/) <sup>[[Archive.org]](https://web.archive.org/web/20220812082548/https://www.nextplatform.com/2022/08/11/squip-side-channel-attack-rattles-amds-zen-cores/)</sup> - Scheduler Queue Usage via Interface Probing. All of AMD's Zen CPUs are vulnerable to a medium-severity flaw which can allow threat actors to run side-channel attacks.
- [Hertzbleed](https://www.schneier.com/blog/archives/2022/06/hertzbleed-a-new-side-channel-attack.html) <sup>[[Archive.org]](https://web.archive.org/web/20220712000058/https://www.schneier.com/blog/archives/2022/06/hertzbleed-a-new-side-channel-attack.html)</sup> - Deducing cryptographic keys by analyzing power consumption has long been an attack, but its not generally viable because measuring power consumption is often hard. This new attack measures power consumption by measuring time, making it easier to exploit.
- [Retbleed](https://www.bleepingcomputer.com/news/security/new-retbleed-speculative-execution-cpu-attack-bypasses-retpoline-fixes/) <sup>[[Archive.org]](https://web.archive.org/web/20220804151557/https://www.bleepingcomputer.com/news/security/new-retbleed-speculative-execution-cpu-attack-bypasses-retpoline-fixes/)</sup> - Retbleed focuses on return instructions, which are part of the retpoline software mitigation against the speculative execution class of attacks that became known starting early 2018, with Spectre.
- [Downfall](https://downfall.page/) <sup>[[Archive.org]](https://web.archive.org/web/20230809145002/https://downfall.page/)</sup> - Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques exploit the **gather** instruction to steal information from [SIMD register buffers](https://en.wikipedia.org/wiki/Single_instruction,_multiple_data) and victim processes.
- [Phantom & Inception](https://comsec.ethz.ch/research/microarch/inception/) <sup>[[Archive.org]](https://web.archive.org/web/20230809095321/https://comsec.ethz.ch/research/microarch/inception/)</sup> - Attacks that leak arbitrary data using seemingly "phantom" instructions on AMD Zen CPUs; "[making] it take wrong actions based on supposedly self conceived experiences", an allusion to the Inception movie, one we have made before.
# Appendix B6: Warning for using Orbot on Android
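Review bot: The added Phantom & Inception entry ends with "an allusion to the Inception movie, one we have made before", which does not say what was made before, and the "it" in the bracketed quotation has no antecedent in the sentence, so the reader cannot tell what takes the "wrong actions". Consider describing the mechanism in the guide's own words first and then attributing the quotation to the linked page. The added Downfall entry also does not name the affected CPUs, while the SQUIP entry above it and the Phantom & Inception entry both name AMD Zen; stating the affected vendor there would keep the list consistent. Minor: the commit message says "Inception & Phantom" and the entry is titled "Phantom & Inception"; use one order in both.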