Sujet : Re: Uh Oh - NEW Data Leak Found in Intel Processors
De : c186282 (at) *nospam* nnada.net (c186282)
Groupes : comp.os.linux.miscDate : 24. May 2025, 06:46:42
Autres entêtes
Message-ID : <0fCdnZkik9LBwKz1nZ2dnZfqn_YAAAAA@giganews.com>
References : 1 2 3
User-Agent : Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0
On 5/22/25 4:16 PM, Richard Kettlewell wrote:
Marc Haber <mh+usenetspam1118@zugschl.us> writes:
c186282 <c186282@nnada.net> wrote:
https://scitechdaily.com/intels-memory-leak-nightmare-5000-bytes-per-second-in-the-hands-of-hackers/
The flaw allows attackers to break down barriers between
users sharing the same processor, potentially accessing
private data stored in memory.
>
This is only really relevant for the cloud providers, where multiple
tenants run code concurrently on the same CPU. It is totally
irrelevant for home users, and only partially relevant for on-prem
virtualizsation ("private cloud").
I don’t think that’s correct. The BPRC attack breaches user/kernel,
guest/host and application-internal boundaries (i.e. it undermines
IBPB). Much wider impact than cloud service providers.
https://comsec.ethz.ch/wp-content/files/bprc_sec25.pdf
is the full paper.
Theoretically true. In PRACTICE however, it's a kinda
difficult breech technique - so expect it to be almost
entirely confined to "big"/"important" targets.
"Home", "smaller biz", nope.
STILL needs to be fixed ... but can EXISTING
chips be fixed without trashing performance ?
Re: Uh Oh - NEW Data Leak Found in Intel Processors
Re: Uh Oh - NEW Data Leak Found in Intel Processors