New ZombieLoad v2 Attack Affects Intel's Latest Cascade Lake CPUs
ZombieLoad variant 2 of the side-channel MDS vulnerabilities affects the most recent Intel CPUs, including the latest Cascade Lake, which are otherwise resistant against attacks like Meltdown, Foreshadow and other MDS variants (RIDL and Fallout)
thehackernews.com
ZombieLoad v2 Affects Latest Intel CPUs
Now, the same group of researchers has disclosed details of a second variant of the vulnerability, dubbed ZombieLoad v2 and tracked as CVE-2019-11135, that resides in Intel's Transactional Synchronization Extensions (TSX).
Intel TSX provides transactional memory support in hardware, aiming to improve the performance of the CPU by speeding up the execution of multi-threaded software and aborting a transaction when a conflict memory access was found.
Intel has referred ZombieLoad v2 as "Transactional Synchronization Extensions (TSX) Asynchronous Abort (TAA)" vulnerability because the exploitation of this flaw requires a local attacker, with the ability to monitor execution time of TSX regions, to infer memory state by comparing abort execution times.
'News' 카테고리의 다른 글
| Bad Binder: Android In-The-Wild Exploit (0) | 2019.11.25 |
|---|---|
| IoT Device Search & Default Credential Scanner (0) | 2019.11.25 |
| Microsoft Edge - Local File Disclosure and EoP (0) | 2019.11.21 |
| PHP Remote Code Execution 0-Day Discovered in Real World CTF Exercise (0) | 2019.11.21 |
| WhatsApp Bug / Secretly Install Spyware On Your Devices (0) | 2019.11.21 |
wtdsoul