speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD

multiple new vulnerabilities disclosed #263

Open lilyanatia opened 6 years ago

lilyanatia commented 6 years ago

https://arxiv.org/abs/1811.05441

In this paper, we present a sound and extensible systematization of transient execution attacks. Our systematization uncovers 7 (new) transient execution attacks that have been overlooked and not been investigated so far. This includes 2 new Meltdown variants: Meltdown-PK on Intel, and Meltdown-BR on Intel and AMD. It also includes 5 new Spectre mistraining strategies. We evaluate all 7 attacks in proof-of-concept implementations on 3 major processor vendors (Intel, AMD, ARM). Our systematization does not only yield a complete picture of the attack surface, but also allows a systematic evaluation of defenses. Through this systematic evaluation, we discover that we can still mount transient execution attacks that are supposed to be mitigated by rolled out patches.

boldandbusted commented 6 years ago

Just for reference: https://www.theregister.co.uk/2018/11/14/spectre_meltdown_variants/ and https://arstechnica.com/gadgets/2018/11/spectre-meltdown-researchers-unveil-7-more-speculative-execution-attacks/

speed47 commented 5 years ago

Intel seems to say that there will not be additional mitigation for those variants, so at the moment there's no mitigation to check for. I'll still keep this ticket open with the "information" tag, just in case this changes in the future; this wouldn't be the first time... Thanks!