S&P 2025
Breaking the Barrier: Post-Barrier Spectre Attacks
Johannes Wikner, Kaveh Razavi
Abstract
The effectiveness of transient execution defenses rests on obscure model-specific operations that must be correctly implemented in microcode and applied by software. In this paper, we study branch predictor invalidation through Indirect Branch Predictor Barrier (IBPB) for x86 processors, which is a cornerstone defense against cross-context and cross-privilege Spectre attacks, and discover new vulnerabilities in both its microcode implementation and application by software. Concretely, we demonstrate two new post-barrier speculative return target hijacks on Intel and AMD CPUs. First, we show an end-to-end cross-process attack that leaks the hash of the root password from a suid process. This attack works despite IBPB on recent generations of Intel processors due to a microcode implementation flaw. Second, we show that an unprivileged attacker can leak privileged memory on AMD Zen 1(+)/2 processors despite the deployed IBPB mitigation, due to how IBPB is applied by the Linux kernel. We propose using a chicken bit to disable exploitable return predictions on affected Intel CPUs and a software patch for the Linux kernel to safely use IBPB on affected AMD CPUs.