IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [spectre]

A side-channel vulnerability affecting modern microprocessors that perform branch prediction like Intel, AMD, ARM, Sparc and PowerPC allowing user processes to read memory belonging to other processes. Affects Linux, OS X, and Windows. Published in January 2018.

A side-channel vulnerability affecting modern microprocessors that perform branch prediction like Intel, AMD, Sparc V9, ARM and PowerPC CPUs allowing user processes to read memory belonging to other processes. Affects a wide range of OSes like Linux, OS X, AIX, Solaris and Windows. Published in January 2018.

The attack exploits speculative instruction execution that results from CPU branch prediction, coupled with traditional cache timing attacks in order to learn the contents of another process' memory space.

See full attack details at https://spectreattack.com

See our canonical question on this site at Meltdown and Spectre Attacks

94 questions
2
votes
1 answer

Privacy implications of Intel CPU backdoors

I didn't follow all the episodes about backdoors in Intel CPUs What can intelligence or law enforcement agencies potentially do on a computer equipped with a vulnerable Intel CPU (connected to the Internet but not directly - behind a router)? Can…
user18362
  • 21
  • 2
2
votes
1 answer

What is NetSpectre?

A new attack was revealed in a document titled NetSpectre: Read Arbitrary Memory over Network (PDF warning). I've seen a few non-technical writeups about the fact that it's a pretty slow attack: The biggest [downside] is the attack's woefully slow…
isanae
  • 145
  • 5
2
votes
2 answers

Should I wait until Spectre and Meltdown is fixed in hardware?

I have a Laptop that needs replacing due to age. I will be using this laptop for desktop use, including Office Apps, Development, Running VMs & Web Browsing. I will be using separation using Qubes/Xen, KVM or Virtualbox. Note: Laptop won't be…
BerryResponsible
  • 21
  • 1
2
votes
1 answer

Why is there no spectre local root exploit in circulation?

I heard that Spectre could be used to reveal arbitrary information from RAM and I imagine it should ultimately be possible to automate getting root this way. At the same time, quite a couple of months passed since this class of vulnerabilities was…
d33tah
  • 6,524
  • 8
  • 38
  • 60
2
votes
1 answer

Spectre: Problem with Understanding POC - Reading data from cache

I understand the vulnerability (Spectre) and, in theory, what the PoC does. But I do not understand the part of the PoC, when it reads or identifys the data from the cache, between the lines 86 - 108. I know that the PoC is reading the data from the…
user104787
  • 179
  • 1
  • 4
  • 12
2
votes
1 answer

Meltdown and Spectre vs. dcache timing and dcache leak issues

I've heard an expert (or "expert") laugh the current focus on Meltdown and Spectre off by arguing that dcache timing and dcache leak issues have been known and around for years (so nothing new there ...) Does such belittlement have (some) merit or…
Drux
  • 371
  • 1
  • 2
  • 10
2
votes
1 answer

Could Meltdown/Spectre be exploited from C#/.Net (or other managed languages or the Midori OS)?

First off yes the correct answer is patch your OS/system. That aside: Does the memory managed features of a language like C# prevent it from being used to exploit the Meltdown security bug? What about if you use the unsafe keyword? Bonus…
DeltaTango
  • 23
  • 6
1
vote
2 answers

Are Haswell CPUs still secure? Do they still get microcode updates?

I have a Dell laptop with a Haswell CPU, and the recent Retbleed vulnerabilities made me think how vulnerable it is in general. The whitepaper implies Haswell quite a lot, but it wasn't tested. I keep my microcode package up-to-date, but it seems…
schaman
  • 11
  • 2
1
vote
1 answer

Are CPU side-channel attacks still a concern on VPSs

I've been looking into getting a VPS to run an OpenVPN server on and a few other things. I've been speaking to a hosting company and they have sent me this screenshot to show they are protected against all currently known exploits on their…
Letal1s
  • 99
  • 6
1
vote
1 answer

Does enabling SharedArrayBuffers via service worker headers create Spectre vulnerability?

In browsers, use of SharedArrayBuffer is restricted to sites with the following HTTP headers because otherwise it exposes vulnerabilities to Spectre and Meltdown. Cross-Origin-Embedder-Policy: require-corp Cross-Origin-Opener-Policy: same-origin If…
ultraGentle
  • 113
  • 3
1
vote
1 answer

Is protecting against Meltdown and Spectre on virtual servers actually possible?

I've been reading into the Meltdown and Spectre bugs recently and the issues they cause for virtualised servers, as memory in one VM can potentially be accessed by another user in a separate VM with the same host. I found this article on…
Letal1s
  • 99
  • 6
1
vote
0 answers

Prefetch Side-Channel Attacks:Bypassing SMAP and Kernel ASLR

I'm trying to understand and perform the Prefetch Side-Channel Attacks:Bypassing SMAP and Kernel ASLR. The author have released the proof-of-concept code. I'm trying to run the attack on my Intel Haswell machine, using Linux Ubuntu 20.04,…
parisa
  • 111
  • 3
1
vote
1 answer

are small SOC chips also affected by Meltdown and Spectre?

How can I find out, if given CPU is affected by the Meltdown and Spectre bugs ? My CPU is relatively older, and it is a SOC chip: AMD GX-412TC SOC I was not able to find, whether these chips also use speculative…
400 the Cat
  • 213
  • 1
  • 5
1
vote
0 answers

How would one compare Cache Allocating Technology against MIT's Dynamically Allocated Way Guard for prevention of the Spectre side-channel Attack?

Upon research, I'm finding it difficult to identify a way to compare each solution. Is it correct in saying both solutions are software based? Therefore, could I compare overall PC perfomance with each software implementation?
Chris
  • 11
  • 2
1
vote
1 answer

Application level protection against Meltdown, Spectre, Foreshadow, Fallout. Zombieload

Is it possible to develop an application in such a way that its data in memory cant be stolen by recent attacks such as Meltdown, Spectre, Foreshadow, Fallout. Zombieload? All mitigations focus on patching hardware, BIOS or OS. But could sensitive…
Silver
  • 1,824
  • 11
  • 23
1 2 3 4
5
6 7