IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [meltdown]

A side-channel vulnerability affecting Intel x86 and few ARM-based microprocessors allowing user processes to read memory belonging to the kernel. Affects various OSes like Linux, OS X, and Windows. Published in January 2018.

A side-channel vulnerability affecting Intel x86 and few ARM-based microprocessors allowing user processes to read memory belonging to the kernel. Affects various OSes like Linux, OS X, and Windows. Published in January 2018.

The attack exploits timing differences in out-of-order instruction execution, coupled with a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection mechanisms. Meltdown allows user processes to read memory belonging to the kernel or other processes. In particular, it breaks the security between virtual machines running on the same host.

See full attack details at https://meltdownattack.com

See our canonical question on this site at Meltdown and Spectre Attacks

95 questions
0
votes
1 answer

Do Meltdown and Spectre affect other Intel products such as SSDs?

I've found a good deal on an Intel SSD but I don't want to worry about the security hole or the loss of performance from patching it.
EMBLEM
  • 113
  • 2
0
votes
1 answer

Not to apply KPTI on servers that only run trusted code?

I have some servers that run applications that use IPC/RPC heavily and are sensitive to the delays of a syscall. If this server is hardened to only run trusted code (e.g. automated code deployment after code review and change approval and no…
billc.cn
  • 3,852
  • 1
  • 16
  • 24
-1
votes
2 answers

Extracting passwords from recycled machine using Spectre and Meltdown

With Spectre and Meltdown, hackers can extract your password from the CPU cache. If I give someone my computer without the hard drive, can he extract my passwords through the CPU?
justlinx69
  • 53
  • 6
-1
votes
2 answers

How bits/bytes are handled after performing Meltdown?

I understand how it works but for example after reading 4 bytes, how do it undertand if it was originally an integer or 4 different characters? Both of them could give a meaningfull result.
user173052
  • 1
-3
votes
1 answer

Are PCs really vulnerable to Spectre type attacks due to virtual user space addressing?

Are Windows OS user programs vulnerable to Spectre and the other recent Intel flaws? Wouldn't the virtual memory assignment in Windows prevent such attacks, or their usefulness? Sorry if I miss something, the attacks seem complex, and not even…
marshal craft
  • 97
  • 7
1 2 3 4 5 6
7