Can a meltdown attack also violate data integrity of other processes or is it just violating data secrecy?

Question

Can a meltdown attack also violate data integrity of other processes by obtaining different passwords or is it just violating data secrecy by reading data it is unauthorized to do?

score 1 · Answer 1 · answered Jun 23 '21 at 01:44

Meltdown does not directly impact integrity, but it totally violates confidentiality. Whether or not the violation of confidentiality is sufficient to also violate integrity (e.g. read root password, become root, and load malicious kernel module) depends entirely on your system.

In other words, Meltdown on its own is exclusively a read vulnerability, not a write vulnerability.

score 0 · Answer 2 · answered Apr 28 '21 at 10:58

Meltdown is an attack that allows overcoming memory isolation completely by providing a simple way for any user process to read the entire kernel memory of the machine. Attacker can get password, private keys and valuable information. You can access the research paper here.

Can a meltdown attack also violate data integrity of other processes or is it just violating data secrecy?

2 Answers2