all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Indirect Meltdown: Building Novel Side-Channel Attacks from Transient-Execution Attacks. (arXiv:2310.04183v1 [cs.CR])

Add to bookmarks
Oct. 9, 2023, 1:10 a.m. | Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

cs.CR updates on arXiv.org arxiv.org

The transient-execution attack Meltdown leaks sensitive information by
transiently accessing inaccessible data during out-of-order execution. Although
Meltdown is fixed in hardware for recent CPU generations, most
currently-deployed CPUs have to rely on software mitigations, such as KPTI.
Still, Meltdown is considered non-exploitable on current systems. In this
paper, we show that adding another layer of indirection to Meltdown transforms
a transient-execution attack into a side-channel attack, leaking metadata
instead of data. We show that despite software mitigations, attackers can still …

attack attacks channel cpu cpus current data hardware information leaks meltdown mitigations non novel order sensitive sensitive information side-channel side-channel attacks software systems

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private Bayesian tests 2 days, 21 hours ago | arxiv.org
arxiv confidential cornerstone cs.cr +16
On the Learnability of Watermarks for Language Models 2 days, 21 hours ago | arxiv.org
arxiv ask can cs.cl +12
Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image … 2 days, 21 hours ago | arxiv.org
applications arxiv attack cs.cr +14
On the Reliability of Watermarks for Large Language Models 2 days, 21 hours ago | arxiv.org
arxiv bots cs.cl cs.cr +23
A Watermark for Large Language Models 2 days, 21 hours ago | arxiv.org
arxiv can cs.cl cs.cr +13
Asymmetric Distributed Trust 2 days, 21 hours ago | arxiv.org
abstraction algorithms arxiv can +12
Read Disturbance in High Bandwidth Memory: A Detailed Experimental Study on HBM2 DRAM Chips 2 days, 21 hours ago | arxiv.org
arxiv bandwidth chips cs.ar +5
ABACuS: All-Bank Activation Counters for Scalable and Low Overhead RowHammer Mitigation 2 days, 21 hours ago | arxiv.org
access address area arxiv +17
A Case Study of Large Language Models (ChatGPT and CodeBERT) for Security-Oriented Code Analysis 2 days, 21 hours ago | arxiv.org
analysis arxiv can capabilities +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs