On March 12, researchers from the VUSec laboratory and IBM unveiled details about a new cybersecurity threat named GhostRace. This vulnerability, which is centered on speculative execution, affects a wide range of processor architectures, including x86, Arm, RISC-V, and others. The threat is also relevant for various operating systems.
VUSec and IBM researchers discovered a new type of attack that abuses speculative execution, similar to the Meltdown and Spectre threats discovered in 2016. Speculative execution speeds up the processor by executing likely future instructions ahead of time. While it enhances performance, it also paves the way for complex “race condition” attacks. The GhostRace vulnerability leverages issues caused by asynchronous threads during speculative execution, leading to “race conditions” that allow malicious actors to extract confidential information by exploiting modern processors’ architectural features. It’s important to note that speculative execution is not a defect in itself; it is a critical function that ensures high CPU performance.
Before publishing the GhostRace study, the researchers informed key hardware manufacturers and Linux kernel developers about the issue in late 2023. This provided the time needed to assess the threat and develop defense strategies and mitigations that minimize the risk of exploitation at the OS and hardware levels.
Initial attempts by Linux kernel developers to fix the vulnerability looked promising, but further testing showed that the proposed solutions did not completely close it. This underscored the complexity of fighting attacks at the speculative execution level and the need for a comprehensive approach to the problem.
The official GhostRace documentation presents recommendations for mitigating the threat, pointing to a possible system-level performance reduction of around 5% according to LMBench tests. This indicates that the security measures developed can be effectively integrated without critically impacting performance.
The documentation does not mention specific safety measures undertaken for other platforms, but AMD emphasized that the steps taken against the Spectre v1 vulnerability remain relevant for combating GhostRace. Given manufacturers’ past experience in dealing with similar issues, it’s expected that effective defense strategies will be developed and implemented in the near future.