There has been an unveiling of inception attack a fresh vulnerability targeting AMD processors, by a team of ETH Zurich University in Switzerland.
The vulnerability is said to allow a threat actor to leak sensitive information such as encryption keys, and passwords from anywhere of a computer running on an AMD Zen Processor. The attack is similar to that reported in the downfall vulnerability discovered in intel based processor computers by google researchers.
Inception vulnerability, is a transient execution attack, which leverages a pattern known as Training Transient Execution (TTE), a kind of attack named Phantom Speculation.
In an explanation by the researchers detailing information about the attack:
“As in the movie of the same name, Inception plants an idea in the CPU while it is in a sense dreaming, to make It take wrong actions based on supposedly self-conceived experiences. Using this approach, Inception hijacks the transient control-flow of return instructions on all AMD Zen CPUs.”
The researchers published separate articles that describes in detail the Inception and phantom attacks. Also, a proof-of-concept (POC) source code , and a video showing how the exploit is conducted can be viewed here.
In a published article on the advisory disclosure by AMD, it was confirmed that truly the attack can result into sensitive information being disclosed.
“AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. This attack is similar to previous branch prediction-based attacks like Spectrev2 and Branch Type Confusion (BTC)/RetBleed.”
CVE information CVE-2023-20569 describes details about the vulnerability and its exploitation. It is said that the vulnerability allows an attacker to influence the return address prediction in some AMD CPUs. This will enable the attacker-controlled register disclose information.
The company announced on their website that customers can either apply the standalone µcode patch or a BIOS update that incorporates the µcode patch, as applicable for products running on the “Zen 3” and “Zen 4” CPU architecture. To know more about this attack follow this information link.
Please do let us know in the comment section what are your thoughts about this.