Questions tagged [speculative-store-bypass]

Since the discovery of Meltdown and Spectre, CPU security has been compromised and trust to the main manufacturers reduced, particularly Intel. 8 months later I wonder, what CPUs are more secure at this moment? Why? Have the patches achieved the…

I found the following ticket in the VirtualBox issue tracker: https://www.virtualbox.org/ticket/17987 The important (in the context of this question) part is that the guest OS (Debian) running in VirtualBox 5.2.18 on a patched Debian host thought…

AFAIK, all mitigable meltdown / spectre variants have software mitigation except for variant 3a and 4. Why is this the case? For variant 4, a straightforward software mitigation is to place lfence before all memory load operations. However,…

We use Web Application deployed on a CentOS server. Can the attack will be performed via a browser? Or the attacker need a physical access to the CentOS server? I cannot understand the attack vector from the RHEL:…