
Experts Find Sinkclose Bug in Millions of AMD Processors, Hard to Patch

A recently discovered major security flaw called 'Sinkclose' affects virtually all AMD processors released since 2006. The vulnerability allows threat actors to infiltrate a system so deeply that the resulting malicious software is difficult to identify and remove. According to experts, the problem is serious: in some cases it would be easier to discard the system than to clean it.

About Sinkclose Bug

There is an upside: since the flaw went unnoticed for 18 years, chances are it has not been exploited. AMD is also patching its platforms to protect the affected processors, although not all have received a patch yet. See this list for full details.

Sinkclose is notable for evading antivirus tools and persisting even after the OS is reinstalled. The bug allows threat actors to execute code within the AMD processor's SMM (System Management Mode), a privileged region reserved for critical firmware operations. To use the flaw, threat actors must first gain access to the system's kernel, a difficult but achievable task; in other words, the system must already have been compromised by some other attack.

Persistent Threat

After securing that access, the Sinkclose vulnerability lets attackers install bootkit malware that escapes detection by antivirus tools, staying hidden within the system and persisting even after the OS is reinstalled.

The flaw abuses a feature in AMD chips called TClose, which maintains compatibility with older devices. By exploiting this feature, the researchers could redirect the processor to execute their code at the SMM level. The process is complicated, but it gives attackers who already have access full control over the device.

Flaw Needs Kernel-level Access

Cybersecurity experts Krzysztof Okupski and Enrique Nissim from IOActive found the Sinkclose vulnerability and will present it at the Defcon conference. "To take advantage of the vulnerability, a hacker has to already possess access to a computer's kernel, the core of its operating system," AMD told Wired.

Experts highlight that although the Sinkclose exploit needs kernel-level access, kernel-level flaws are regularly found in both Linux and Windows systems. Advanced state-sponsored hackers might already have what it takes to exploit these flaws.

Experts note that kernel exploits are readily available, which makes Sinkclose a second stage for threat actors. To eliminate the malware, one must open the computer, connect to a particular part of its memory using an SPI flash programmer, inspect the memory with caution, and then remove the malware.

AI Boom: Cybercriminals Winning Early

Artificial intelligence (AI) is ushering in a transformative era across various industries, including the cybersecurity sector. AI is driving innovation in the realm of cyber threats, enabling the creation of increasingly sophisticated attack methods and bolstering the efficiency of existing defense mechanisms.

In this age of AI advancement, the potential for a safer world coexists with the emergence of fresh prospects for cybercriminals. As the adoption of AI technologies becomes more pervasive, cyber adversaries are harnessing its power to craft novel attack vectors, automate their malicious activities, and maneuver under the radar to evade detection.

According to a recent article in The Messenger, the initial beneficiaries of the AI boom are unfortunately cybercriminals. They have quickly adapted to leverage generative AI in crafting sophisticated phishing emails and deepfake videos, making it harder than ever to discern real from fake. This highlights the urgency for organizations to fortify their cybersecurity infrastructure.

On a more positive note, the demand for custom chips has skyrocketed, as reported by TechCrunch. As generative AI algorithms become increasingly complex, off-the-shelf hardware struggles to keep up. This has paved the way for a new era of specialized chips designed to power these advanced systems. Industry leaders like NVIDIA and AMD are at the forefront of this technological arms race, racing to develop the most efficient and powerful AI chips.

McKinsey's comprehensive report on the state of AI in 2023 reinforces the notion that generative AI is experiencing its breakout year. The report notes, "Generative AIs have surpassed many traditional machine learning models, enabling tasks that were once thought impossible." This includes generating realistic human-like text, images, and even videos. The applications span from content creation to simulating real-world scenarios for training purposes.

However, amidst this wave of optimism, ethical concerns loom large. The potential for misuse, particularly in deepfakes and disinformation campaigns, is a pressing issue that society must grapple with. Dr. Sarah Rodriguez, a leading AI ethicist, warns, "We must establish robust frameworks and regulations to ensure responsible use of generative AI. The stakes are high, and we cannot afford to be complacent."

Unprecedented opportunities are being made possible by the generative AI surge, which is changing industries. The potential is limitless and can improve anything from creative processes to data synthesis. But we must be cautious with this technology and deal with the moral issues it raises. Gaining the full benefits of generative AI will require a careful and balanced approach as we navigate this disruptive period.


Zen 1 Vulnerability AMD Patchwork Proved Weak, Second Pass Issued


While AMD engineers had already patched their Zen 1 "Division by Zero" bug, that was not the end of their problems: the company may have released a patch quickly, but perhaps a little too quickly, according to Borislav Petkov, an AMD Linux engineer. Petkov found a problem with the original solution (described in a statement he published). It is just another example of the challenges in protecting against potential attack routes.

According to the findings, AMD's CPU may have kept "stale quotient data" within its registers even after the patched code ran, consequently providing attackers with a window to retrieve private information. The original fix was to perform a final "dummy division 0/1 before returning from the #DE exception handler." The idea is straightforward: the 0/1 division always yields zero, so any remaining stale data would be eliminated.

The drawback of the fix, as explained by Petkov, was that a speculative execution attack would have progressed too far by the time the fix took effect. There would already be stale data in AMD's divider, which the attackers could access before the dummy division kicked in.

Petkov notes that his new solution now performs that same division in several additional scenarios:

"Initially, it was thought that doing an innocuous division in the #DE handler would take care to prevent any leaking of old data from the divider but by the time the fault is raised, the speculation has already advanced too far and such data could already have been used by younger operations," says Petkov. "Therefore, do the innocuous division on every exit to userspace so that userspace doesn't see any potentially old data from integer divisions in kernel space [...] Do the same before VMRUN too, to protect host data from leaking into the guest too."

Similar instances indicate how busy this month turned out to be for vulnerabilities in the CPU realm, for both AMD and Intel. From Intel’s severe Downfall vulnerability (affecting Skylake through Tiger Lake/Rocket Lake) to AMD's SQUIP and Inception vulnerabilities and the now re-fixed "divide by zero" vulnerability, researchers have shown much determination in solving the issues. 

However, while these new issues are all speculative execution vulnerabilities, they still do not come close to the illustrious history of the Meltdown and Spectre days. Speculative execution describes how contemporary CPUs attempt to foresee calculation steps before they are required, ensuring that the essential data is already available in case the execution is asked for. Although several of those vulnerabilities' remedies resulted in (often significant) performance costs, it is at least encouraging that AMD's 0/1 dummy division does not add any overhead.

A Software Vulnerability in AMD's Chip Compromises Tesla's Paid Features

 


Researchers from the Technical University of Berlin have exploited a vulnerability in an AMD-based infotainment system to unlock restricted vehicle features, according to their research. The finding is particularly relevant for vehicles that put premium features behind a paywall, including Tesla.

Tesla has arguably one of the most comprehensive systems of its kind (if not the most extensive) in the automotive industry. BMW is not the only automaker that charges for optional extras; its subscription models for commodities such as heated seats have also made headlines in recent months.

Using hacking techniques on the car's embedded computer, the team claims, these features can be unlocked without paying an additional fee. Security researchers from the University of Massachusetts have reportedly discovered a way to exploit Tesla's modern AMD-based cars to create a persistent Tesla jailbreak that might be the first of its kind in the world. It is the work of three German Ph.D. students.

As part of the preparation for their presentation at next week's Black Hat 2023 conference, the team published a briefing. A working command-and-control attack against Tesla's next-generation AMD-based media control unit (MCU) will be demonstrated. According to the researchers, the jailbreak uses a known hardware exploit against a component in the MCU, an exploit that they say has enabled access to one of the car's most important purchase-related systems, and perhaps even tricks the car into thinking the features have already been paid for.

Since Teslas are among the most popular electric vehicles on the market, they are an attractive target for hackers because of the sensitive data they contain. Researchers from the Technical University of Berlin have now discovered a way to exploit the media control units found in modern Tesla vehicles to unlock paid features, and possibly many more in the future. They exploited a vulnerability known to be present in the AMD processor that runs Tesla's media control unit to execute the attack. The Media Control Unit, or MCU, is a Tesla term for the system that controls all facets of the car's cabin experience, including the touch screen, navigation system, and entertainment system. The first generations were the NVIDIA Tegra-powered MCU0/1, and the second generation is the Intel Atom-based MCU2.

The newest generation, MCU-Z, is built on a custom AMD Ryzen SoC. The researchers focused on the MCU-Z because of its interesting features. According to the researchers, they were able to exploit the MCU-Z using voltage fault injection attacks (an attack type usually found in certain types of malware).

Tesla's MCU-Z processor is designed to be resilient to such attacks, but voltage glitching is known to work against Zen 2- and Zen 3-based processors, and this attack vector also affects the Ryzen SoC inside Tesla's MCU-Z. The researchers performed a voltage fault injection attack on the MCU-Z's Platform Security Processor using multiple connections to the power supply, the BIOS SPI chip, and the SVI2 bus.

The weakness was found using a voltage fault injection attack against the AMD Security Processor (ASP), which serves as the heart of the platform's security. This attack allowed the researchers to bypass software locks on certain features that were intended to prevent exactly this kind of tampering. It is also important to note that bypassing the built-in security does not require expensive hardware or gadgets: the researchers reported that they used inexpensive hardware to subvert the ASP's initial boot code, and then reverse engineered the boot flow to gain deep access that is normally out of reach.

For users who wish to bypass Tesla's security locks and Tesla's network restrictions, this amounts to a jailbreak. It is also one of the greatest security concerns, as it makes private information vulnerable to hackers. However, that is probably not a problem unless the vehicle is physically accessible.

As a result of this method, researchers claim that certain features that are normally paid for can be unlocked for free. In addition, it is unclear whether or not that includes those more expensive features that add to the overall cost, such as Enhanced Autopilot and/or Full Self-Driving functionality. Those features cost $6,000 and $15,000, respectively. With this exploit, it is possible to gain access to hundreds of dollars worth of paid features that are otherwise unavailable. 

In addition, Tesla cannot address the issue with a software update, since it is reportedly unpatchable. The specifics of the attack are not yet clear; the researchers say they accomplish it using inexpensive, off-the-shelf hardware.

Despite the complexity of this attack, it is possible to deduce how the researchers plan to carry it out, based on a previous presentation at Black Hat 2022 given in part by Niklas Jacob (one of the students who worked on this project). Assuming the new attack is similar, it likely proceeds as follows. Typically, voltage-based faults cause problems during the boot process, where a fault can cause a failure. In the first step, the researchers replaced AMD's public cryptographic key with their own.

At the same time, they injected their custom bootloader image into the processor. This would normally fail key verification, because the substituted key is not the trusted key expected during boot. Despite this, the attackers can fool the ASP and its components into believing that a valid key is present through voltage faulting, that is, applying a specific voltage to the integrated circuit to induce a particular fault condition.

Intel and AMD CPUs Targeted by the New 'Hertzbleed' Remote Side-Channel Attack

A group of academic researchers has found a potential side-channel method that uses CPU timing variations to allow attackers to remotely retrieve critical information from a target system. The problem, dubbed Hertzbleed by a team of researchers from the University of Texas, the University of Illinois Urbana-Champaign, and the University of Washington, is induced by dynamic voltage and frequency scaling (DVFS), a power and thermal management feature used to conserve power and reduce the amount of heat generated by a chip.

"Periodic CPU frequency adjustments depend on current CPU power usage under particular situations, and these adjustments immediately translate to execution time variations (since 1 hertz Equals 1 cycle per second)," the researchers stated. An intruder can exploit cryptographic software and recover cryptographic keys by analyzing these timing differences; in some circumstances, even a remote attacker can detect the variations.

SIKE, or Supersingular Isogeny Key Encapsulation, a post-quantum key encapsulation technology used by firms like Microsoft and Cloudflare, was used to demonstrate the attack. In reaction to the findings, both AMD (CVE-2022-23823) and Intel (CVE-2022-24436) have released independent advisories, with the latter stating that Hertzbleed affects all Intel processors due to unauthorized access. There are no patches available.

Intel has issued two customer advisories in response to the Hertzbleed attacks. All of Intel's chips are affected, as per the chipmaker. While no CPU firmware changes have been released, the company has provided cryptography recommendations for software developers to "harden its libraries and applications from frequency throttling information leaking."

Hertzbleed has also been the subject of an AMD alert; several desktop, mobile, Chromebook, and server processors have been identified as affected by the bug, as per the company. AMD has also recommended that software developers implement defenses.

It's not the first time that new data theft techniques from Intel chips have been discovered. Two Hertzbleed co-authors showed an "on-chip, cross-core" side-channel attack targeting Intel Coffee Lake and Skylake CPUs' ring interconnect in March 2021. The researchers stated, "The message is that current cryptography engineering approaches for writing constant-time code are no longer sufficient to guarantee constant-time execution of software on newer, variable-frequency CPUs."

New Exploit Circumvents Existing Spectre-V2 Mitigations in Intel and Arm CPUs

 

Researchers have revealed a new technique that might be used to bypass existing hardware mitigations in modern processors from Intel, AMD, and Arm and stage speculative execution attacks like Spectre to expose sensitive data from host memory.

Spectre attacks aim to break the isolation between different applications by using an optimization technique known as speculative execution in CPU hardware implementations to mislead programs into accessing arbitrary memory regions and leaking their secrets. While chipmakers have included software and hardware defences such as Retpoline and safeguards such as Enhanced Indirect Branch Restricted Speculation (eIBRS) and Arm CSV2, the latest technique demonstrated by VUSec researchers seeks to circumvent all of these measures.

Branch History Injection (BHI or Spectre-BHB) is a new variant of Spectre-V2 attacks (tracked as CVE-2017-5715) that circumvents both eIBRS and CSV2, according to the researchers, and exposes arbitrary kernel memory on modern Intel CPUs.

"The hardware mitigations do prevent the unprivileged attacker from injecting predictor entries for the kernel," the researchers explained,

"However, the predictor relies on a global history to select the target entries to speculatively execute. And the attacker can poison this history from userland to force the kernel to mispredict to more 'interesting' kernel targets (i.e., gadgets) that leak data," the Systems and Network Security Group at Vrije Universiteit Amsterdam added. 

To put it another way, malicious code can use the branch history in the CPU's shared Branch History Buffer (BHB) to affect mispredicted branches within the victim's hardware context, leading to speculative execution that can subsequently be used to infer information that would otherwise be inaccessible. All Intel and Arm processors that were previously vulnerable to Spectre-V2, as well as a number of AMD chipsets, are now vulnerable to Spectre-BHB, forcing the three firms to release software updates to address the problem.

Intel also advises customers to disable unprivileged extended Berkeley Packet Filter (eBPF) in Linux, enable both eIBRS and Supervisor-Mode Execution Prevention (SMEP), and apply LFENCE to specifically identified gadgets that are found to be susceptible.
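The three host-side settings Intel lists above can be verified from the interfaces the Linux kernel already exposes. The following checker is an added example, not code from the original article or from Intel's advisory: it reads the kernel's spectre_v2 status line, the `kernel.unprivileged_bpf_disabled` sysctl and the CPU flags (the file paths are the standard mainline-Linux locations and are assumed here), and reports which of the three recommendations a host does not meet. The sample values at the bottom are constructed so the check runs offline.

```python
"""Assess a Linux host against the three Spectre-BHB hardening points Intel lists.

Added example, not code from the original article or from Intel's advisory.
It reads three kernel-exposed values (assumed paths, standard on mainline Linux):
  /sys/devices/system/cpu/vulnerabilities/spectre_v2   kernel's spectre_v2 status line
  /proc/sys/kernel/unprivileged_bpf_disabled           0 = allowed, 1 or 2 = disabled
  /proc/cpuinfo 'flags' line                            'smep' present = CPU supports SMEP
The sample strings at the bottom are constructed for offline use.
"""
from pathlib import Path

SPECTRE_V2_PATH = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")
UNPRIV_BPF_PATH = Path("/proc/sys/kernel/unprivileged_bpf_disabled")
CPUINFO_PATH = Path("/proc/cpuinfo")


def eibrs_enabled(spectre_v2_status: str) -> bool:
    """True when the kernel reports an Enhanced IBRS mitigation (the eIBRS Intel asks for)."""
    status = spectre_v2_status.strip()
    # Older kernels print "Mitigation: Enhanced IBRS", newer ones
    # "Mitigation: Enhanced / Automatic IBRS"; retpoline-only hosts lack the word.
    return status.startswith("Mitigation:") and "Enhanced" in status and "IBRS" in status


def unprivileged_ebpf_disabled(sysctl_value: str) -> bool:
    """True when unprivileged eBPF is off (1 = locked until reboot, 2 = can be re-enabled)."""
    return sysctl_value.strip() in {"1", "2"}


def smep_supported(cpuinfo_text: str) -> bool:
    """True when the first 'flags' line in /proc/cpuinfo lists smep.

    The flag shows hardware support; mainline kernels enable SMEP at boot
    when it is present unless booted with 'nosmep'.
    """
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return "smep" in line.split(":", 1)[1].split()
    return False


def assess(spectre_v2_status: str, sysctl_value: str, cpuinfo_text: str) -> dict:
    """Map each recommendation to a pass/fail boolean."""
    return {
        "eibrs": eibrs_enabled(spectre_v2_status),
        "unprivileged_ebpf_disabled": unprivileged_ebpf_disabled(sysctl_value),
        "smep": smep_supported(cpuinfo_text),
    }


def gaps(result: dict) -> list:
    """Names of the recommendations the host does not meet (empty list = all met)."""
    return [name for name, ok in result.items() if not ok]


def assess_live() -> dict:
    """Run the check against this host's real kernel interfaces (Linux only)."""
    return assess(
        SPECTRE_V2_PATH.read_text(),
        UNPRIV_BPF_PATH.read_text(),
        CPUINFO_PATH.read_text(),
    )


# Constructed samples (not captured from a real host).
HARDENED_STATUS = "Mitigation: Enhanced / Automatic IBRS; IBPB: conditional; RSB filling\n"
WEAK_STATUS = "Mitigation: Retpolines; IBPB: conditional; STIBP: disabled; RSB filling\n"
CPUINFO_WITH_SMEP = "processor\t: 0\nflags\t\t: fpu vme de pse smep smap\n"
CPUINFO_NO_SMEP = "processor\t: 0\nflags\t\t: fpu vme de pse\n"

if __name__ == "__main__":
    for label, args in {
        "hardened": (HARDENED_STATUS, "2\n", CPUINFO_WITH_SMEP),
        "weak": (WEAK_STATUS, "0\n", CPUINFO_NO_SMEP),
    }.items():
        print(label, gaps(assess(*args)) or "all recommendations met")
```

On a real host, `assess_live()` performs the same evaluation against the kernel's own files; the LFENCE recommendation is a source-level change to identified gadgets and cannot be checked from these interfaces, so it is deliberately left out.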

The researchers stated, "The [Intel eIBRS and Arm CSV2] mitigations work as intended, but the residual attack surface is much more significant than vendors originally assumed. Nevertheless, finding exploitable gadgets is harder than before since the attacker can't directly inject predictor targets across privilege boundaries. That is, the kernel won't speculatively jump to arbitrary attacker-provided targets, but will only speculatively execute valid code snippets it already executed in the past."

Researchers Devise New Time And Power-Based Side-Channel Attacks that Affect AMD CPUs

 

A team of researchers from the Graz University of Technology and the CISPA Helmholtz Center for Information Security has developed a novel side-channel exploit that targets AMD CPUs.

Moritz Lipp and Daniel Gruss of the Graz University of Technology, along with Michael Schwarz of the CISPA Helmholtz Center for Information Security, established the new attack technique. They were among the first to uncover the Meltdown and Spectre vulnerabilities, which opened the door for numerous additional side-channel attack methods targeting commonly used chips.

These side-channel exploits generally permit a malicious program installed on the targeted system to leverage CPU flaws to access potentially sensitive information in memory linked with other apps, such as credentials and encryption keys. 

Several of the side-channel attacks revealed in recent years have targeted Intel processors, but systems powered by AMD processors are not immune, as per the recently published research.

“In contrast to previous work on prefetch attacks on Intel, we show that the prefetch instruction on AMD leaks even more information,” the researchers explained in the abstract of their paper. 

The study presented numerous attack scenarios, in one of which the researchers used a Spectre attack to disclose confidential material from the operating system; it also provided a novel way of building a covert channel to exfiltrate information.

In addition, the research suggests having discovered the first "full microarchitectural KASLR (kernel address space layout randomization) break on AMD that works on all major operating systems." KASLR is an attack mitigation method, and the experts demonstrated how an intruder might defeat it on laptops, desktop PCs, and cloud virtual machines. 

AMD was notified about the results in mid- and late 2020; the vendor acknowledged them and responded in February 2021. The flaws have been assigned the CVE identifier CVE-2021-26318 and a medium severity rating by AMD.

The chipmaker acknowledged that perhaps the problem affects all of its processors, but it isn't suggesting any additional mitigations since "the attacks discussed in the paper do not directly leak data across address space boundaries." 

Lipp feels that their most recent study covers several intriguing features of AMD CPUs that might spur further investigation into side-channel assaults. 

He further explained, “For instance, we use RDPRU as a timing primitive as the typically used rdtsc instruction has a lower resolution on AMD. This allows to distinguish events with only a slight timing difference. On the other hand, we use the reported energy consumption of the AMD driver to mount an attack. While this driver has now been removed from the Linux kernel, using this energy source could be interesting to mount other power side-channel attacks as we have shown on Intel with the PLATYPUS attacks.”

Hackers are Selling Tool to Hide Malware in GPUs

 

Cybercriminals are moving towards malware attacks that can execute code from a hacked system's graphics processing unit (GPU). Although the approach is not new, and demo code has been published in the past, most of the projects to date have come from academics or were unfinished and unpolished. 

Recently in August, the proof-of-concept (PoC) was sold on a hacker forum, perhaps signaling hackers' shift to a new level of complexity in their attacks. 

Code Tested on Intel, AMD, and Nvidia GPUs

In a brief post on a hacking forum, someone offered to sell the proof-of-concept (PoC) for a strategy that keeps harmful code protected from security solutions scanning the system RAM. The seller gave a brief description of their technique, claiming that it stores malicious code in the GPU memory buffer and then executes it from there. 

As per the advertiser, the project only works on Windows PCs that support OpenCL 2.0 and above for executing code on various processors, including GPUs. The seller also stated that they had tested the code on Intel (UHD 620/630), Radeon (RX 5700), and GeForce (GTX 740M(? ), GTX 1650) graphics cards.

Few details about this new hack are available, but the post went live on August 8 and the PoC was apparently sold for an undisclosed amount on August 25.

Another hacker forum user mentioned that GPU-based malware had been done before, citing JellyFish, a six-year proof-of-concept for a Linux-based GPU rootkit. 

The vendor dismissed the links to the JellyFish malware, stating that their approach is unique and does not rely on code mapping to userspace. There is no information regarding the transaction, such as who purchased it or how much they paid. Only the seller's article claims to have sold the malware to an unidentified third party. 

Academic Study

Researchers at the VX-Underground threat repository stated in a tweet on Sunday that the malicious code allows binary execution by the GPU in its memory region. They also noted that the technique will be demonstrated soon. 

PoCs for a GPU-based keylogger and a GPU-based remote access trojan for Windows were also disclosed by the same researchers that created the JellyFish rootkit. All three projects were released in May 2015 and are open to the public. 

As the mention of the JellyFish project implies, GPU-based malware is not a new idea; the foundation for this attack approach was laid around eight years ago.

Researchers from the Institute of Computer Science - Foundation for Research and Technology (FORTH) in Greece and Columbia University in New York demonstrated in 2013 that GPUs can execute a keylogger and save recorded keystrokes in their memory space [PDF document here]. 

The researchers previously evidenced that malware authors may use the GPU's processing capabilities to pack code with extremely sophisticated encryption methods considerably faster than the CPU.

Experts Find Vulnerabilities in AMD Zen Processor

 

German cybersecurity experts at TU Dresden discovered that AMD's Zen processors are, after all, susceptible to data-disturbing Meltdown-like attacks. Exploiting this vulnerability is largely an academic exercise, as it turns out that much easier and simpler techniques exist to meddle with systems. In simpler terms, it is a reminder that modern CPU designs have various kinds of side channels, many of them yet to be discovered.

The Register reports: "in a paper [PDF] titled "Transient Execution of Non-Canonical Accesses," released via ArXiv, Saidgani Musaev and Christof Fetzer analyzed AMD Zen+ and Zen 2 chips – namely the Epyc 7262, Ryzen 7 2700X, and the Threadripper 2990WX – and found that they were able to adversely manipulate the operation of the CPU cores." When the Spectre and Meltdown vulnerabilities came out, experts initially said that Meltdown was only confirmed on Intel x86 chips. The list then grew to include IBM hardware and an Arm Cortex core, although it was not clear whether the IBM parts were vulnerable. AMD said in a statement that Meltdown did not affect its processors.

"The way its chips executed load instructions meant data would not be fetched if architecturally disallowed in the processor's current execution context, it said. In other words, load instructions executed in user mode can't be used to discern the contents of kernel-mode memory, as expected."

"Musaev and Fetzer say that's true for classical Meltdown attacks that rely on fetching data from the L1 data cache and for a variant called Microarchitectural Data Sampling (MDS) that targets specific buffers. But they found another way to poison the way in which a CPU core access data in memory "that is very similar to Meltdown-type behavior,"" said The Register.

Most importantly, this technique cannot be used by a single process to read kernel memory or another process's memory; however, a thread in a program can use it to affect another thread in the same address space. It is not like a classic Meltdown, where a rogue app steals keys from kernel memory. "The violation we report does not lead to cross address space leaks, but it provides a reliable way to force an illegal dataflow between microarchitectural elements," said the experts.

Chipmaker AMD Discloses Two New Flaws Against its SEV Technology

 

The chipmaker AMD published guidelines for two new attacks (CVE-2020-12967, CVE-2021-26311) against its SEV (Secure Encrypted Virtualization) technology that protects virtual machines from rogue operating systems.

The two attacks, documented in two research papers titled "SEVerity: Code Injection Attacks against Encrypted Virtual Machines" and "undeSErVed trust: Exploiting Permutation-Agnostic Remote Attestation," can allow cybercriminals to inject arbitrary code into the virtual machine, giving them full control over the VM's operating system.

The two attacks, SEVurity and undeSErVed, work not only against AMD CPUs protected by SEV but also SEV-ES (Secure Encrypted Virtualization-Encrypted State), an improved version of the technology that AMD released in 2017, a year after adding SEV to its CPUs.

The chipmaker released its security advisory this week because the findings of the two attacks will be presented by two research teams at this year’s 15th IEEE Workshop on Offensive Technologies (WOOT’21).

The first vulnerability, tracked as CVE-2020-12967, is caused by the lack of nested page table protection in the AMD SEV/SEV-ES feature, which could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has compromised the server hypervisor.

The second vulnerability, tracked as CVE-2021-26311, also resides in the AMD SEV/SEV-ES feature. According to the security advisory, memory can be rearranged in the guest address space without being detected by the attestation mechanism, which a malicious hypervisor could use to potentially achieve arbitrary code execution within the guest VM if a malicious administrator has compromised the server hypervisor.
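The property behind CVE-2021-26311, that an attestation measurement which covers page contents but not where each page sits in the guest address space cannot detect a rearranged guest, can be shown with a small model. The code below is an added example, not AMD's SEV, SEV-ES or SEV-SNP measurement code: it uses a constructed three-page guest image, a hypervisor-chosen launch order, and two measurement functions, one over contents only and one that also binds each page's guest-physical address (the approach the SEV-SNP mitigation takes in principle; the exact format here is an assumption, not AMD's).

```python
"""Why an attestation measurement must bind page addresses, not just contents.

Added example, not AMD's SEV/SEV-ES or SEV-SNP measurement code: a simplified
model built to illustrate the CVE-2021-26311 description above. A 'guest image'
maps guest-physical page numbers (constructed values) to page contents. The
hypervisor decides the order in which pages are fed to the measurement.
"""
import hashlib
from itertools import permutations


def measure_content_only(launch_sequence):
    """Weak model: digest over page contents only, in the order the hypervisor supplies."""
    h = hashlib.sha256()
    for _gpa, content in launch_sequence:
        h.update(content)
    return h.hexdigest()


def measure_address_bound(launch_sequence):
    """Hardened model: each page's guest-physical address is hashed with its contents."""
    h = hashlib.sha256()
    for gpa, content in launch_sequence:
        h.update(gpa.to_bytes(8, "little"))
        h.update(hashlib.sha256(content).digest())
    return h.hexdigest()


def honest_sequence(image):
    """The owner's reference layout: pages in ascending guest-physical order."""
    return sorted(image.items())


def swap_pages(image, gpa_a, gpa_b):
    """Model of a hypervisor rearranging guest memory: contents of two pages exchanged."""
    rearranged = dict(image)
    rearranged[gpa_a], rearranged[gpa_b] = image[gpa_b], image[gpa_a]
    return rearranged


def hypervisor_can_pass(rearranged_image, expected_digest, measure):
    """True if some launch order of the rearranged image reproduces the owner's expected digest.

    A dishonest hypervisor controls the launch order, so attestation only holds
    if no order of the rearranged pages can match.
    """
    return any(measure(list(seq)) == expected_digest
               for seq in permutations(rearranged_image.items()))


# Constructed guest image: gpa -> contents (not a real VM image).
GUEST_IMAGE = {
    0: b"entry: jump to trusted init at page 1",
    1: b"trusted init: verify config, then start service",
    2: b"service: handle requests",
}
REARRANGED = swap_pages(GUEST_IMAGE, 1, 2)  # the guest would now jump into the wrong code


def demo():
    """Returns (weak_passes, hardened_passes) for the rearranged image."""
    expected_weak = measure_content_only(honest_sequence(GUEST_IMAGE))
    expected_bound = measure_address_bound(honest_sequence(GUEST_IMAGE))
    return (
        hypervisor_can_pass(REARRANGED, expected_weak, measure_content_only),
        hypervisor_can_pass(REARRANGED, expected_bound, measure_address_bound),
    )


if __name__ == "__main__":
    weak, bound = demo()
    print("content-only measurement accepts rearranged guest:", weak)   # True
    print("address-bound measurement accepts rearranged guest:", bound)  # False
```

The content-only measurement is reproduced by feeding the swapped pages in their original content order, so the guest owner sees the expected digest even though page 1 and page 2 have traded places; once the address is part of each page's measurement input, no launch order of the rearranged image matches, which is the property a verifier needs.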

The chipmaker said all AMD EPYC processors are affected by these vulnerabilities, including 1st/2nd/3rd Gen AMD EPYC™ processors and AMD EPYC™ Embedded processors. The mitigation is the SEV-SNP feature, which customers can enable on 3rd Gen AMD EPYC™ processors; as the company added, "The mitigation requires the use of SEV-SNP, which is only supported on 3rd Gen AMD EPYC."

The researchers revealed the following acknowledgment: 

• CVE-2020-12967: Mathias Morbitzer, Martin Radev and Erick Quintanar Salas from Fraunhofer AISEC and Sergej Proskurin and Marko Dorfhuber from Technical University of Munich

• CVE-2021-26311: Luca Wilke, Jan Wichelmann, Florian Sieck, and Thomas Eisenbarth from University of Lübeck 

Earlier this month, AMD dismissed the allegations that its CPUs were impacted by an attack that bypassed the patches for the original 2018 Spectre attack, detailed in a paper called “I see dead µops: leaking secrets via Intel/AMD micro-op caches”.