
Security flaws in Intel processors and a related misunderstanding


WWW.THEREGISTER.COM

A misunderstanding about the vulnerability means defenses fall short


In a paper slated to be distributed through ArXiv today, Martin Schwarzl, Thomas Schuster, and Daniel Gruss with Graz University of Technology, and Michael Schwarz, with the Helmholtz Center for Information Security, reveal the computer science world has misunderstood the microarchitectural flaw that enables Foreshadow, which can be exploited by malware or a rogue user on a vulnerable system to extract data from supposedly protected areas of memory – such as Intel SGX enclaves, and operating-system kernel and hypervisor addresses...

it's still possible to exploit Foreshadow on older kernels that are supposedly mitigated, or on a fully patched kernel that happens to have Spectre variant two protections removed...

"We discovered that effects reported in several academic papers over the past four years were not correctly understood, leading to incorrect assumptions on countermeasures,"...

Thus, if you've used the nospectre_v2 kernel option on your fully-patched Intel-powered Linux server to optimize for speed over security, and think it won't affect your Foreshadow protection, think again: the machine is now vulnerable to Foreshadow...
 

It also means Foreshadow can potentially affect CPU cores from vendors other than Intel, such as AMD, Arm, and IBM, and that the effects can be triggered by malicious JavaScript in a browser window, though fairly slowly based on the scenarios described in the paper.

The good news is that there is a defense against the Foreshadow L3 attack described in the paper: implementing the Spectre-BTB (Branch Target Buffer) countermeasures...

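A way to audit a Linux host for the situation the quoted article warns about, as an added example that is not part of the original post, the article or the paper: it flags a boot line that switches off the Spectre v2 (Spectre-BTB) mitigations and otherwise falls back to the status the kernel reports. The function names are hypothetical; `nospectre_v2` is the option named in the article, while `spectre_v2=off`, `mitigations=off` and the sysfs path are standard Linux kernel interfaces that have the same effect or report it.

```shell
#!/bin/sh
# Added example: detect disabled Spectre v2 (Spectre-BTB) mitigations, which
# per the quoted article also leaves the machine exposed to Foreshadow.

# spectre_v2_boot_override CMDLINE
# Prints the boot parameter that disables Spectre v2 mitigations, if any.
# Returns 0 when one is present, 1 otherwise.
spectre_v2_boot_override() {
    for p in nospectre_v2 spectre_v2=off mitigations=off; do
        # Pad with spaces so only whole parameters match.
        case " $1 " in
            *" $p "*) printf '%s\n' "$p"; return 0 ;;
        esac
    done
    return 1
}

# foreshadow_btb_verdict CMDLINE SYSFS_STATUS
# Prints one line starting with AT_RISK or OK, followed by the reason.
foreshadow_btb_verdict() {
    if override=$(spectre_v2_boot_override "$1"); then
        printf 'AT_RISK: boot parameter %s disables Spectre v2 mitigations\n' "$override"
        return 0
    fi
    case "$2" in
        Mitigation:*|"Not affected"*) printf 'OK: %s\n' "$2" ;;
        *) printf 'AT_RISK: kernel reports "%s"\n' "$2" ;;
    esac
}

# check_host: run the verdict against the live kernel state.
check_host() {
    cmdline=$(cat /proc/cmdline 2>/dev/null || true)
    status=$(cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 2>/dev/null || true)
    foreshadow_btb_verdict "$cmdline" "${status:-unknown (sysfs entry missing)}"
}

# Constructed sample inputs (not taken from a real machine):
foreshadow_btb_verdict "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro nospectre_v2 quiet" "Vulnerable"
foreshadow_btb_verdict "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet" "Mitigation: Retpolines"

# Pass --live to check the machine the script runs on.
if [ "${1:-}" = "--live" ]; then check_host; fi
```

The boot-line check matters on its own because a fleet's bootloader configuration can be audited offline, before the host is ever booted with the weakened setting.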