[RndTbl] new Spectre-type flaws
Trevor Cordes
trevor at tecnopolis.ca
Thu May 16 01:52:39 CDT 2019
The gift that *still* keeps on giving... to infinity and beyond!
https://access.redhat.com/security/vulnerabilities/mds
Short: new "MDS" Microarchitectural Data Sampling class of flaws regarding
writes and reads to CPU cache due to separate store-address and store-data
sub-operations and shared buffer space (much like TLB in other flaws).
Sounds like some of these might be even easier to exploit than Spectre:
like MFBDS, which might not even require a "widget".
Interesting these flaws all have a CVE from 2018... these have been known
(but kept quiet) for a while.
All our computers made slower in ... 3 ... 2 ... 1
More information about the Roundtable
mailing list