“Security researchers from Amsterdam have publicly detailed ‘BlindSide’ as a new speculative execution attack vector for both Intel and AMD processors,” reports Phoronix:
BlindSide is self-described as being able to “mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation. This works even in face of…
Tag: speculative execution
AMD Processors From 2011 To 2019 Vulnerable To Two New Attacks
An anonymous reader quotes a report from ZDNet: AMD processors manufactured between 2011 and 2019 (the time of testing) are vulnerable to two new attacks, research published this week has revealed (PDF). The two new attacks impact the security of the data processed inside the CPU and allow the theft of sensitive information or the downgrade of security features. The research…
New Spectre-like CPU Vulnerability Bypasses Existing Defenses
itwbennett writes: Researchers from security firm Bitdefender discovered and reported a year ago a new CPU vulnerability that ‘abuses a system instruction called SWAPGS and can bypass mitigations put in place for previous speculative execution vulnerabilities like Spectre,’ writes Lucian Constantin for CSO. There are three attack scenarios involving SWAPGS, the most serious of which ‘can allow attackers to leak the…