
'Enter, Exit, Leak': New CPU Side-Channel Attacks Break Isolation in Modern Processors

Your Cloud VM Isn’t Safe: New CPU Attack Leaks Data Across Boundaries

Enter, Exit, Page Fault, Leak

Security researchers from Microsoft and ETH Zurich have uncovered four new speculative side-channel vulnerabilities in modern AMD and Intel processors that bypass existing microarchitectural defenses, raising serious concerns about the effectiveness of current isolation techniques across virtual machines, kernel boundaries, and user-space processes.

Detailed in a paper titled “Enter, Exit, Page Fault, Leak”, the team introduces a novel testing methodology that stress-tests security domain boundaries using Model-Based Relational Testing (MRT).

Their custom framework exposed new leakage vectors on AMD Zen 3 and Zen 4 chips and reconfirmed several known vulnerabilities such as Meltdown and MDS.

The researchers describe their approach as a shift from “reactive patching to proactive security validation in processor design,” highlighting a new direction in CPU security assessment. Dr. Boris Köpf of Microsoft’s Azure Research is a co-author of the study, which demonstrates critical flaws in current isolation mechanisms.

Discovery Highlights:

  • One leak allows an attacker VM to infer memory bits from a co-hosted VM using shared cache behavior.
  • Another enables user-mode processes to read kernel data by exploiting speculative execution paths that were previously considered secure.
  • Two additional leaks demonstrate instruction speculation on privileged operations, which can be triggered from lower-privileged contexts on AMD CPUs.

These vulnerabilities are collectively referred to by AMD as Transient Scheduler Attacks (TSA) and have been cataloged as CVE-2024-36350 and CVE-2024-36357. 

According to AMD's whitepaper, the attacks stem from “false completions” — speculative events where invalid data influences execution timing without triggering a pipeline flush, leading to timing-based data leakage.

The core issue lies in how modern CPUs handle speculative execution between security domains like hypervisors and guest VMs. Existing mitigations, such as flushing buffers and page isolation, are insufficient. 

The researchers’ test framework simulates transitions between domains and measures leaked hardware traces, using statistical analysis to detect anomalies.

Their tool builds upon Revizor, an open-source fuzzing framework, and introduces an actor-based model that supports multi-domain interactions. Over 88 machine-days of testing revealed the new flaws and confirmed previously disclosed ones.
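A simplified sketch of the relational-testing idea described above, added here as an illustration; it is not Revizor or the researchers' framework. The toy CPU, its noise model, the constants and all function names are assumptions: a contract says which inputs an observer must not be able to tell apart, and repeated noisy measurements are compared to see whether the hardware separates them anyway.

```python
import random
from collections import defaultdict
from itertools import combinations

SETS = 64          # number of cache sets in the toy side channel
REPS = 200         # repeated measurements per input, to average out noise
THRESHOLD = 0.5    # per-set hit-rate difference treated as a real signal

def contract_trace(inp):
    """What the contract lets the observer learn: only its own data's cache set."""
    return inp["attacker"] % SETS

def hardware_trace(inp, leaky, rng):
    """Toy CPU (constructed): cache sets touched during one enter/exit round trip."""
    touched = {inp["attacker"] % SETS}
    if leaky:                        # stale victim-domain data steers a transient access
        touched.add(inp["victim"] % SETS)
    if rng.random() < 0.1:           # measurement noise: one spurious set
        touched.add(rng.randrange(SETS))
    return touched

def hit_rates(inp, leaky, rng):
    """Fraction of REPS measurements in which each cache set was touched."""
    counts = [0] * SETS
    for _ in range(REPS):
        for s in hardware_trace(inp, leaky, rng):
            counts[s] += 1
    return [c / REPS for c in counts]

def find_violations(inputs, leaky, seed=1):
    """Return input pairs the contract calls equivalent but the hardware separates."""
    rng = random.Random(seed)
    classes = defaultdict(list)
    for inp in inputs:               # group inputs by what the contract exposes
        classes[contract_trace(inp)].append(inp)
    violations = []
    for members in classes.values():
        rates = [hit_rates(m, leaky, rng) for m in members]
        for (i, a), (j, b) in combinations(enumerate(rates), 2):
            if max(abs(x - y) for x, y in zip(a, b)) > THRESHOLD:
                violations.append((members[i], members[j]))
    return violations

# Constructed inputs: same observer data, different victim-domain secrets.
INPUTS = [{"attacker": 5, "victim": v} for v in (17, 42)] + [{"attacker": 9, "victim": 17}]
```

With `leaky=False` the noise alone never crosses the threshold; with `leaky=True` the two inputs that differ only in the victim value are reported as a contract violation.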

What Can Be Done?

AMD has released updated microcode and recommends using the VERW instruction during transitions between trusted and untrusted contexts to scrub vulnerable microarchitectural states. However, this may impact performance and must be implemented in both OS and hypervisor codebases. Xen has issued patches under Security Advisory XSA-471.

The researchers emphasize a persistent gap between architectural isolation (the formal separation of security domains) and the practical realities of microarchitectural behavior, such as speculative execution and shared caches.

Cloud providers, virtualization platforms, and OS vendors must take note. Even with microcode patches, full mitigation requires software-level cooperation. Admins are urged to audit workloads, apply firmware updates, and monitor for future disclosures.

You can read the AMD paper [PDF] on Transient Scheduler Attacks and Entry-Exit [PDF] from Microsoft.
