The same team of researchers behind the discovery of microarchitectural attacks such as Meltdown, Spectre and Zombieload uncover yet another exploit lurking inside Intel CPUs-- Load Value Injection (LVI), a flaw allowing "reverse Meltdown" attacks.
Discovered on 4 April 2019 and reported to Intel before public disclosure on 10 March 2020, LVI turns previous data extraction attacks and defeats all existing mitigations at both software and hardware levels. According to the researchers, this makes LVI "much harder to mitigate" compared to previous attacks, and can affect just about any access to memory. Intel was involved with the disclosure, and says it affects Atom, Core and Xeon processors, as well as the newest Ice Lake (10th Gen) chips and even the upcoming Tremont Atom core.
Read more...