AMD processors released from as early as 2011 through 2019 carry previously undisclosed vulnerabilities that expose them to two new side-channel attacks, according to freshly published research.
Furthermore, the security researchers were able to successfully stage a Collide+Probe attack against common browsers, namely Chrome and Firefox, weakening address space layout randomization (ASLR) in the browser by reducing its entropy and recovering address information.
"In Firefox, we are able to reduce the entropy by 15 bits with a success rate of 98% and an average run time of 2.33s (σ=0.03s, n=1000)," the researchers noted. "With Chrome, we can correctly reduce the bits with a success rate of 86.1% and an average run time of 2.90s (σ=0.25s, n=1000)."
The good news is that the twin attacks can be mitigated through a variety of hardware-only, combined hardware-and-software, and software-only solutions, including designing the processor so that the way predictor can be temporarily disabled on demand, and clearing the way predictor's state when switching between kernel mode and user mode.