Newly-Discovered Vulnerabilities Could Allow for Bypass of Spectre Mitigations in Linux

Two new vulnerabilities have been patched in the Linux kernel which, if exploited, could bypass existing mitigations for the Spectre vulnerabilities. The vulnerabilities were discovered by Piotr Krysiuk, a researcher on Symantec’s Threat Hunter team, who reported them to the Linux kernel security team. If left unpatched, the vulnerabilities mean that existing Spectre protections will not be sufficient to prevent some exploitation techniques.

The vulnerabilities in question are:

CVE-2020-27170 – Can reveal contents from the entire memory of an affected computer
CVE-2020-27171 – Can reveal contents from 4 GB range of kernel memory

These bugs affect all Linux machines, but would be particularly impactful on shared resources, as they would allow one malicious user to access data belonging to other users.

The patches for these bugs were first published on March 17, 2021, and are included with the Linux kernels released on March 20.

What are Meltdown and Spectre?

Meltdown and Spectre were two chip vulnerabilities discovered in January 2018 that affected nearly all modern processors and could only be mitigated through operating system patches. A successful exploit of the vulnerabilities could allow attackers to gain unauthorized access to a computer’s memory, including sensitive information, such as passwords. However, the vulnerabilities were only exploitable if the attacker already had access to the machines – if they were a local user or had gained access with an additional step, such as deploying a remote access Trojan (RAT) on the machine.

Spectre exploited flaws in processor designs to reveal contents of memory that should not normally be accessible. It works by observing ..