Spectre v2: Branch Target Injection and Branch History Injection and new native BHI (CVE-2024-2201) - Githubissues

speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD

3.84k stars 477 forks source link

Spectre v2: Branch Target Injection and Branch History Injection and new native BHI (CVE-2024-2201) #491

Open taggart opened 4 months ago

taggart commented 4 months ago

CVE-2022-0001 and CVE-2022-0002 were already assigned for BTI and BHI but there is a new native BHI, which is CVE-2024-2201

More details in this new article https://www.bleepingcomputer.com/news/security/new-spectre-v2-attack-impacts-linux-systems-on-intel-cpus/

VUSec's page https://www.vusec.net/projects/native-bhi/

Intel's page for BHI and BTI https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html

Debian's security tracker has some links https://security-tracker.debian.org/tracker/CVE-2024-2201