|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2019-05-14 18:27:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
"ZombieLoad": a new set of speculative-execution attacks
The curtain has finally been lifted on the latest set of
speculative-execution vulnerabilities. This one has the delightful name of
ZombieLoad; it is also known as
"microarchitetural data sampling", but what's the fun in that? Various x86
processors stash data into hidden buffers that can, in some cases, be
revealed via speculative execution. Exploits appear to be relatively
hard. See this page
from the kernel documentation for a fairly detailed description of the
problem, and this
page for mitigation information.
The curtain has finally been lifted on the latest set of
speculative-execution vulnerabilities. This one has the delightful name of
ZombieLoad; it is also known as
"microarchitetural data sampling", but what's the fun in that? Various x86
processors stash data into hidden buffers that can, in some cases, be
revealed via speculative execution. Exploits appear to be relatively
hard. See this page
from the kernel documentation for a fairly detailed description of the
problem, and this
page for mitigation information.
