"Retbleed" Published As Arbitrary Speculative Execution With Return Instructions

Written by Michael Larabel in Linux Security on 12 July 2022 at 01:34 PM EDT. 49 Comments
Being made public this Patch Tuesday is "RETBLEED" as two new CVEs for the latest speculative execution attacks affecting today's hardware. Retbleed exploits return instructions and is able to undermine existing defenses against Spectre Branch Target Injection (BTI).

In particular, Retbleed can beat existing return trampolines "retpolines" defenses even though when devised just four years ago the belief was that returns weren't susceptible / too impractical to BTI attacks. Retbleed now proves that return instructions can be practically exploited.

The security researchers found that Retbleed impacts AMD Zen 1/1+/2 and Intel Core 6th through 8th Gen processors.

This does come with added performance cost, from today's disclosure, "Mitigating Retbleed in the Linux kernel required a substantial effort, involving changes to 68 files, 1783 new lines and 387 removed lines. Our performance evaluation shows that mitigating Retbleed has unfortunately turned out to be expensive: we have measured between 14% and 39% overhead with the AMD and Intel patches respectively."

More details about Retbleed on the new Retbleed site.

The Retbleed mitigation work was merged this morning into the Linux kernel. I'll have up Retbleed mitigation benchmarks shortly.

Update: Intel's statement on the matter mailed to us comes down to: "Intel worked with our industry mitigation partners, the Linux community and VMM vendors to make mitigations available to customers. Windows systems are not affected as they already have these mitigations by default." They also went on to add that they take these issues very seriously but don't believe Retbleed is practical outside of a lab environment.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week