Researchers at the University of Virginia have released a paper outlining an attack that exploits the micro-op cache, stealing data as a processor fetches from that cache, reminiscent of the 2018 Spectre/Meltdown attacks. This line of attack is said to break all Spectre defenses, putting billions of devices at risk. University of Virginia researcher Ashish Venkat said, “…it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel.” Fortunately for defenders, using this attack has a noticeable side-effect: it degrades performance on the victim machine enough to raise alarm, a slowdown similar to the one seen during early patching efforts.
“It is really unclear how to solve this problem in a way that offers high performance to legacy hardware, but we have to make it work,” Venkat said. “Securing the micro-op cache is an interesting line of research and one that we are considering.”