Speculative Return Stack Overflow (SRSO) aka INCEPTION is a potential vulnerability that may access privileged memory by using crafted code to leverage CPU speculative execution. This requires the attacker to run malicious software directly on the host. The attacker must also have detailed enough information about the operating environment to identify a memory address of interest and bypass OS features designed to thwart side channel attacks. Not just any code will do: The crafted code must be tailored to the specific CPU, OS, kernel version, and workload. An attack also cannot be launched remotely or from one VM against another. A successful attack only allows the attacker to read compromised data; they cannot modify that data. Further, the attack must occur within a short time window due to the nature of speculative execution. And finally, this attack will not work on servers that are only executing trusted code or when a single user occupies all cores on a server (such as in a bare-metal instance). AMD therefore believes that that the overall security risk associated with this potential vulnerability would be low in typical production environments.
Please read the following to learn more:
Frank Gorishek is a Corporate Vice President of Software Development in the Datacenter Ecosystems and Application Engineering team at AMD. His postings are his own opinions and may not represent AMD’s positions, strategies, or opinions. Links to third party sites are provided for convenience and unless explicitly stated, AMD is not responsible for the contents of such linked sites and no endorsement is implied.
