While the chaotic Spectre vulnerability keeps coming back, another vulnerability has now come up to trouble users. Termed SplitSpectre, the recently discovered vulnerability could allow an attacker for speculative execution attacks.
SplitSpectre – Another Spectre Variant Discovered
The vulnerability could allow an attacker to target a victim’s system by exploiting the speculative execution function of microprocessors. The researchers from Northeastern University and IBM Research have published their findings in a detailed research paper.
As stated in their paper, Split Spectre seems a Spectre v1 variant. The difference, however, lies in the way it executes. It requires a small chunk of vulnerable code on the victim’s machine, without requiring the attacker to have an own malicious code.