Table of Contents
Fetching ...

Analyzing and Exploiting Branch Mispredictions in Microcode

Nicholas Mosier, Hamed Nemati, John C. Mitchell, Caroline Trippel

TL;DR

The paper introduces uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak data, showing that many prior Spectre/Meltdown variants are actually instances of µSpec-tre on Intel microarchitectures. It defines three µSpec-tre variants—MEB, MVI, and MIL—and demonstrates their existence across Goldmont and other cores, including novel vulnerabilities like PCIDX and MEB-OF, which reveal previously inaccessible microarchitectural state. The authors reclassify several known attacks as µSpec-tre instances and disclose new vulnerabilities, while proposing µSLH, a microcode-based defense that uses conditional selects to zero out dubious data after mispredictions. The work highlights the practical risk of microcode-level leakage and argues for vendor microcode updates to mitigate these threats, while noting limitations and the need for broader mitigation strategies for MIL-type leaks. Overall, the paper expands the transient execution taxonomy, uncovers deep leakage channels, and offers a concrete defense path with µSLH, informing hardware security and microarchitectural risk assessment.

Abstract

We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were previously categorized as Spectre or Meltdown variants, are actually instances of uSpectre on some Intel microarchitectures. Based on our observations, we discover multiple new uSpectre attacks and present a defense against uSpectre vulnerabilities, called uSLH.

Analyzing and Exploiting Branch Mispredictions in Microcode

TL;DR

The paper introduces uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak data, showing that many prior Spectre/Meltdown variants are actually instances of µSpec-tre on Intel microarchitectures. It defines three µSpec-tre variants—MEB, MVI, and MIL—and demonstrates their existence across Goldmont and other cores, including novel vulnerabilities like PCIDX and MEB-OF, which reveal previously inaccessible microarchitectural state. The authors reclassify several known attacks as µSpec-tre instances and disclose new vulnerabilities, while proposing µSLH, a microcode-based defense that uses conditional selects to zero out dubious data after mispredictions. The work highlights the practical risk of microcode-level leakage and argues for vendor microcode updates to mitigate these threats, while noting limitations and the need for broader mitigation strategies for MIL-type leaks. Overall, the paper expands the transient execution taxonomy, uncovers deep leakage channels, and offers a concrete defense path with µSLH, informing hardware security and microarchitectural risk assessment.

Abstract

We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were previously categorized as Spectre or Meltdown variants, are actually instances of uSpectre on some Intel microarchitectures. Based on our observations, we discover multiple new uSpectre attacks and present a defense against uSpectre vulnerabilities, called uSLH.
Paper Structure (85 sections, 17 figures, 1 table)

This paper contains 85 sections, 17 figures, 1 table.

Figures (17)

  • Figure 1: Microprogram implementing cld on Goldmont, located at MSROM address U06d0 in Goldmont's microcode disassembly hackers-ucodedisasm. We use CustomProcessingUnit custom-processing-unit to verify this mapping.
  • Figure 2: Structure of µSpec-tre-MEB (a) vulnerabilities and (b) attacks.
  • Figure 3: Structure of µSpec-tre-MVI (a) vulnerabilities and (b) attacks.
  • Figure 4: Structure of a µSpec-tre-MIL (a) vulnerabilities and (b) attacks.
  • Figure 5: Transient execution attack classification tree, simplified from prior work canella-systematic and adapted to include µSpec-tre and other Spectre variants that have been since discovered spectre-btcphantomspectre-psf. Demonstrated attacks are in red. Presently inconclusive results are in gray. Bolded text represents a new vulnerability presented in this paper.
  • ...and 12 more figures