Three researchers from the University of California discovered that modern Intel processors, specifically under Raptor Lake and Alder Lake generations, are vulnerable to a new and sophisticated attack that exploits the branch prediction hardware and redirects the flow of a program.
Since its discovery in 2018 through the Spectre and Meltdown vulnerabilities, Branch Target Injection (BTI) attacks have been extensively researched on by industry experts who have mainly focused on the Branch Target Buffer (BTB) and Return Stack Buffer (RSB) components.
Meanwhile, the often overlooked Indirect Branch Predictor (IBP) has now emerged as a critical factor in identifying new attack vectors that are able to completely bypass existing defenses and pose a threat to modern CPUs.
Dubbed as “Indirector,” this side-channel attack takes advantage of the IBP’s vulnerability in order to execute high-precision branch target injection attacks, opening up a large number of systems that can potentially be compromised.
“We communicated the security findings outlined in the paper to Intel in February 2024. Intel has informed other affected hardware/software vendors about the issues,” the researchers included in the disclosure.
Intel’s Raptor Lake processors, otherwise known as its 13th and 14th gen CPUs, were launched in 2022 – succeeding the Alder Lake processors that represented the chipmaker’s 12th gen CPUs.