Researchers Disclose Proof of Concept for New GhostRace Attack

Researchers from IBM and VU Amsterdam published their study of the new GhostRace attack on March 12th. Alongside the technical paper, blog post, and proof-of-concept exploit, they also released scripts for scanning the Linux kernel for SCUAF gadgets.
GhostRace exploits Speculative Race Conditions (SRCs) and is tracked as CVE-2024-2193. It affects all major hardware makers, including Intel, AMD, ARM, and IBM, as well as operating systems and other software that use conditional branches to decide whether to enter critical regions. An SRC attack can let attackers read sensitive information from memory, such as passwords and encryption keys.
Exploiting CVE-2024-2193 is not an easy way to breach a system: it requires either physical access to the targeted device or previously obtained privileged access.
All common synchronization primitives implemented using conditional branches can be microarchitecturally bypassed on speculative paths with a Spectre-v1 attack. This turns every architecturally race-free critical region into a Speculative Race Condition and allows attackers to leak information from the target software.
Race conditions arise when several threads access a shared resource at the same time. To avoid them, operating systems use synchronization primitives.
The researchers' analysis revealed that a malicious actor could combine race conditions with speculative execution, a technique widely used in CPU attacks.
A proof of concept showing step by step how an SRC attack works is available on GitHub.
The researchers also propose a generic SRC mitigation that serializes all the affected synchronization primitives on Linux. According to them, the mitigation "requires minimal kernel changes and incurs only ≈5% geomean performance overhead on LMBench."
The researchers notified the major hardware vendors and the Linux kernel maintainers of their findings on Speculative Race Conditions at the end of 2023.
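How a branch-guarded critical region and the serializing fix look in code, as an added example that is not from the GhostRace paper or the Linux kernel: a minimal try-lock whose acquire path branches on a compare-and-swap, first as-is (the pattern the attack targets), then with a speculation barrier placed right after that branch. The type and function names (src_lock_t, serialize, src_trylock, src_trylock_serialized, guarded_update) are hypothetical.

```c
/* Added example, not code from the GhostRace paper or the Linux kernel.
 * A minimal try-lock whose acquire path, like the primitives the article
 * describes, uses a conditional branch to decide whether a critical region
 * is entered. All names here are hypothetical. */
#include <stdatomic.h>
#include <stdbool.h>
typedef struct { atomic_int locked; } src_lock_t;

/* Speculation barrier placed after the lock-acquire branch: if that branch is
 * mispredicted, a serializing instruction stops the CPU from executing the
 * critical region's loads before the lock state is actually resolved. */
static inline void serialize(void) {
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("lfence" ::: "memory");
#elif defined(__aarch64__)
    __asm__ volatile("dsb sy\n\tisb" ::: "memory");
#else
    atomic_signal_fence(memory_order_seq_cst); /* compiler fence only */
#endif
}

/* Unmitigated try-lock: architecturally race-free, but the branch on its
 * result can be mispredicted, so code guarded by it may run transiently while
 * another thread holds the lock. This is the pattern GhostRace targets. */
static bool src_trylock(src_lock_t *l) {
    int expected = 0;
    return atomic_compare_exchange_strong(&l->locked, &expected, 1);
}

/* Mitigated try-lock: serialize right after the branch on the CAS result, so
 * the critical region cannot start executing on a mispredicted path. */
static bool src_trylock_serialized(src_lock_t *l) {
    int expected = 0;
    if (!atomic_compare_exchange_strong(&l->locked, &expected, 1))
        return false;
    serialize();
    return true;
}

static void src_unlock(src_lock_t *l) { atomic_store(&l->locked, 0); }

/* Critical region guarded by the mitigated primitive: touches *shared only
 * when the lock was really acquired; returns false if the lock was busy. */
static bool guarded_update(src_lock_t *l, int *shared) {
    if (!src_trylock_serialized(l))
        return false;
    (*shared)++;
    src_unlock(l);
    return true;
}
```

The barrier costs a few cycles per acquire, which is the kind of overhead the researchers' ≈5% LMBench figure reflects.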
Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity.


This Cyber News was published on heimdalsecurity.com. Publication date: Wed, 13 Mar 2024 18:13:05 +0000