Security Experts:

Connect with us

Hi, what are you looking for?



Retbleed: New Speculative Execution Attack Targets Intel, AMD Processors

Researchers at Swiss university ETH Zurich have devised a new speculative execution attack that can lead to information leaks and works against both Intel and AMD processors.

Researchers at Swiss university ETH Zurich have devised a new speculative execution attack that can lead to information leaks and works against both Intel and AMD processors.

Named Retbleed, the attack targets retpolines (return trampolines), one of the defenses that was proposed in 2018 to mitigate Spectre, a subset of microarchitectural timing side-channel attacks affecting modern microprocessors.

Spectre vulnerabilities existed because branch mispredictions could result in private data becoming visible to attackers. Reptolines were introduced to mitigate the attack by replacing indirect jumps and calls with returns. Despite concerns, the risk associated with the behavior of return prediction in deep call stacks was considered low and reptolines became the main mitigation against Spectre.

While returns were deemed impractical to exploit to leak memory – because returns should not be predicted as indirect branches under normal microarchitectural conditions – the ETH Zurich researchers discovered that exploitation is, in fact, practical.

After reverse engineering the behavior of return instructions, the academics devised Retbleed, which exploits return instructions because there are specific microarchitectural conditions that can be triggered to force returns to be predicted like indirect branches, on both AMD and Intel processors.

“Our reverse engineering results show that all return instructions that follow sufficiently-deep call stacks can be hijacked using a precise branch history on Intel CPUs. On AMD CPUs, we find that any return instruction can be hijacked, regardless of the previous call stack, as long as the previous branch destination is correctly chosen during branch poisoning,” the academics note in their research paper.

On Intel chips, the researchers underflowed the return stack buffer – where return target predictions reside – which resulted in returns behaving like indirect jumps. The academics also say they could hijack all returns coming after the underflow.

“This happens upon executing deep call stacks. In our evaluation, we found over a thousand of such conditions that can be triggered by a system call,” the researchers say.

On AMD chips, the researchers note, it is not necessary to underflow the return stack buffer, as mispredictions appear whenever there is a colliding indirect branch. Essentially, they discovered that they could poison the return instruction using an indirect jump and trick the branch predictor into predicting an indirect branch target instead of a return.

“This means that any return that we can reach through a system call can be exploited — and there are tons of them,” the researchers say.

“We also found that AMD CPUs exhibit phantom jumps (CVE-2022-23825): branch predictions that occur even in the absence of any corresponding branch instruction. Using the same technique we used to exploit Retbleed, we could omit the return instruction completely and observe branch target prediction on any given instruction,” the academics continue.

The researchers also discovered that many microarchitectures allow for the creation of collisions on kernel return instructions from user mode, meaning that an unprivileged attacker could “arbitrarily control the predicted target of such return instructions by branching into kernel memory,” even on systems with all deployed mitigations enabled.

The academics built an analysis framework on top of Linux testing and tracing facilities to identify microarchitecture-dependent vulnerable return instructions that an attacker can exploit to gain sufficient control over registers or memory.

“We saw that retpoline-protected Intel and AMD CPUs are vulnerable to Retbleed. Retpoline, as a Spectre mitigation, fails to consider return instructions as an attack vector,” the researchers underline.

Intel, which tracks the security flaws as CVE-2022-29901 and CVE-2022-28693, will selectively enable Indirect Branch Restricted Speculation (IBRS) on Retbleed-vulnerable systems, to prevent software from controlling the predicted targets of indirect branches.

To mitigate the vulnerabilities — tracked as CVE-2022-29900 and CVE-2022-23825 — AMD has introduced jmp2ret, which replaces returns in the kernel with direct jumps to a return thunk. The proposed solutions introduce up to 28% overhead.

Related: Academics Devise New Speculative Execution Attack Against Apple M1 Chips

Related: New Side-Channel Attack Targets Intel CPU Ring Interconnect

Related: CrossTalk: First Speculative Execution Attack Allowing Data Leaks Across Intel CPU Cores

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.


GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet