Attacks that use CPU data cache timing to exploit and leak information could lead to arbitrary virtual memory read vulnerabilities across local security boundaries.
When Jann Horn of Google’s Project Zero posted a detailed blog titled “Reading privileged memory with a side-channel,” it set off a firestorm of activity as the post confirmed that secret information inside a computer could be accessed via two different attacks, Meltdown and Spectre. Essentially, both attacks utilize CPU data cache timing to efficiently exploit and leak information from the system. This could lead to—at worst—arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.
Read more here.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Leave a Reply