ORSHIN Attack Defense Framework

Transient execution that results from mispredicted return instructions can cause persistent changes in the microarchitecture, which can be used to intentionally leak secrets from a victim process using a covert channel

Description

Transient execution that results from mispredicted return instructions can cause persistent changes in the microarchitecture, which can be used to intentionally leak secrets from a victim process using a covert channel.

Risk Assessment: 5.6

CWE

CVE

CVE-2017-5753

CVE-2017-5715

Attack Surfaces

Speculation (MITRE EMB3D PID-11)

Attack Vectors

Speculative Execution (MITRE EMB3D TID-103)

Defenses

Preventing speculation altogether: inserting fences at every return instruction; disabling speculation in the hardware

Preventing speculation on secrets: implementing ProSpeCT or similar mechanisms in hardware; ...

Removing the covert channel: cache partitioning; disabling hyperthreading; ...