cpu漏洞(附poc)
昨天的cpu漏洞浮出水面,又是p0的开年杰作-任意虚拟内存读取。
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
Variant 1: bounds check bypass (CVE-2017-5753)
Variant 2: branch target injection (CVE-2017-5715)
Variant 3: rogue data cache load (CVE-2017-5754)
测试过的cpu
Intel(R) Xeon(R) CPU E5-1650 v3 @ 3.50GHz (called "Intel Haswell Xeon CPU" in the rest of this document)
AMD FX(tm)-8320 Eight-Core Processor (called "AMD FX CPU" in the rest of this document)
AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G (called "AMD PRO CPU" in the rest of this document)
An ARM Cortex A57 core of a Google Nexus 5x phone [6] (called "ARM Cortex A57" in the rest of this document)
poc地址
https://github.com/turbo/KPTI-PoC-Collection
文章出处: me记录
Intel CPU 曝大 BUG:迫使重新设计 Linux 和 Windows
相关内容
微信扫码咨询专知VIP会员