all InfoSec news
VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
A new cross-privilege Spectre v2 vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v2 branch history injection (BHI) are likely affected. An unauthenticated attacker can exploit this vulnerability to leak privileged memory from the CPU by speculatively jumping to a chosen gadget. Current research shows that existing mitigation techniques of disabling privileged eBPF and enabling (Fine)IBT are insufficient in stopping BHI exploitation against the kernel/hypervisor. …
architectures attacker attacks bhi can cpu exploit hardware history injection intel kernel leak linux linux kernel memory privilege privileged spectre speculative execution systems unauthenticated vulnerability vulnerable