Article 6DNNX Another round of speculative-execution vulnerabilities

Another round of speculative-execution vulnerabilities

by
corbet
from LWN.net on (#6DNNX)
There is a newly disclosed set of vulnerabilities in Intel processors thathave been given the name Downfallattacks.

Downfall attacks targets a critical weakness found in billions ofmodern processors used in personal and cloud computers. Thisvulnerability, identified as CVE-2022-40982, enables a user toaccess and steal data from other users who share the samecomputer. For instance, a malicious app obtained from an app storecould use the Downfall attack to steal sensitive information likepasswords, encryption keys, and private data such as bankingdetails, personal emails, and messages. Similarly, in cloudcomputing environments, a malicious customer could exploit theDownfall vulnerability to steal data and credentials from othercustomers who share the same cloud computer.

A series of patches has landed in the mainline kernel, including one for gather data samplingmitigation and one to disable the AVXextension on CPUs where microcode mitigation is not available."This is a *big* hammer. It is known to break buggy userspace thatuses incomplete, buggy AVX enumeration."

Not to be left out, AMD processors suffer from a return-stack overflowvulnerability, again exploitable via speculative execution; this patch, also justmerged, describes the problem and its mitigation.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments