Google observed some undocumented (to the best of their knowledge) behavior of the indirect branch predictors, specifically relative to _ret_ instructions. The research they conducted appears to show that this behavior does not seem to create exploitable security vulnerabilities in the software they have tested. They would like to better understand the impact and implications for different software stacks, thus they welcome feedback or further research. Included is proof of concept code.
ebca14f100ab1f543d3c2aebe9a56b5068ca62d114ff25a3d83d52c2308a7399
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed