Researchers from Vrije Universiteit Amsterdam’s Systems and Network Security Group (VUSec) have unveiled the inaugural native Spectre v2 exploit targeting the Linux kernel on Intel systems. Dubbed Native Branch History Injection (BHI), this exploit bypasses existing Spectre v2/BHI mitigations to pilfer sensitive data from memory, achieving a speed of 3.5 kB/sec.
BHI is a significant security vulnerability, tracked as CVE-2024-2201, that VUSec first highlighted in March 2022. Until now it was considered mitigated by disabling Linux’s unprivileged eBPF, as Intel recommended; the new native exploit circumvents that defense and affects all susceptible Intel systems.
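The article names one concrete mitigation setting, unprivileged eBPF, and the Linux kernel also reports its Spectre v2 posture through sysfs. The script below is an added example written for this page, not code from VUSec or the kernel project: it reads the standard `kernel.unprivileged_bpf_disabled` sysctl and the `spectre_v2` sysfs status line and classifies them so an administrator can see whether the host still relies on the eBPF-only mitigation. It assumes the standard kernel paths, and that patched kernels append a `BHI:` field to the status line (kernels predating that reporting will simply show no BHI field); the sample status strings in the comments are constructed illustrations of the kernel's format.

```shell
#!/bin/sh
# Added example: summarise this host's Spectre v2 / BHI related settings.
# Assumptions (not taken from the article): standard sysfs and procfs paths,
# and a "BHI: ..." field in the status line on kernels that report it.

SPECTRE_V2_FILE=/sys/devices/system/cpu/vulnerabilities/spectre_v2
BPF_SYSCTL_FILE=/proc/sys/kernel/unprivileged_bpf_disabled

# Interpret kernel.unprivileged_bpf_disabled:
#   0 -> unprivileged eBPF allowed (the state Intel's guidance advised against)
#   1 -> disabled and locked until reboot
#   2 -> disabled, but root may re-enable it
classify_bpf_setting() {
    case "$1" in
        0) echo "unprivileged-ebpf-enabled" ;;
        1) echo "unprivileged-ebpf-disabled-locked" ;;
        2) echo "unprivileged-ebpf-disabled" ;;
        *) echo "unknown" ;;
    esac
}

# Interpret the spectre_v2 status line. Constructed examples of the format:
#   "Vulnerable: eIBRS with unprivileged eBPF"            -> vulnerable
#   "Mitigation: Enhanced / Automatic IBRS; ...; BHI: Vulnerable"
#                                                          -> mitigated-bhi-vulnerable
#   "Mitigation: Enhanced / Automatic IBRS; ...; BHI: SW loop, KVM: SW loop"
#                                                          -> mitigated-bhi-reported
#   "Mitigation: Retpolines" (no BHI field, older kernel)  -> mitigated-no-bhi-status
classify_spectre_v2() {
    case "$1" in
        "Not affected"*)      echo "not-affected" ;;
        Vulnerable*)          echo "vulnerable" ;;
        *"BHI: Vulnerable"*)  echo "mitigated-bhi-vulnerable" ;;
        *"BHI: "*)            echo "mitigated-bhi-reported" ;;
        Mitigation*)          echo "mitigated-no-bhi-status" ;;
        *)                    echo "unknown" ;;
    esac
}

# Read a file if present, otherwise return the supplied default so the
# script degrades gracefully on non-Linux or restricted environments.
read_or_default() {
    if [ -r "$1" ]; then cat "$1"; else echo "$2"; fi
}

report_host() {
    bpf=$(read_or_default "$BPF_SYSCTL_FILE" "missing")
    sv2=$(read_or_default "$SPECTRE_V2_FILE" "missing")
    echo "unprivileged_bpf_disabled=$bpf -> $(classify_bpf_setting "$bpf")"
    echo "spectre_v2: $sv2 -> $(classify_spectre_v2 "$sv2")"
}

report_host
```

A host that shows `unprivileged-ebpf-disabled` together with `mitigated-no-bhi-status` is exactly the configuration the article says the native exploit bypasses: the eBPF knob is set, but the kernel is too old to report, let alone apply, a BHI-specific mitigation, so the next check is a kernel update rather than a sysctl change.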
The exploit lets an attacker who can run code on the CPU steer speculative execution paths through malicious software and extract sensitive data belonging to a different process. The flaw impacts multiple platforms, including Illumos, Red Hat, SUSE Linux, Triton Data Center, and Xen, with AMD products under scrutiny.
The revelation of this exploit follows closely on the heels of IBM and VUSec’s GhostRace variant of Spectre v1 and ETH Zurich’s Ahoi Attacks, underscoring the evolving landscape of hardware-based vulnerabilities and the pressing need for robust security measures in modern computing environments.