Thread: New speculative execution micro op vulnerability PoC
View Single Post
  #1  
Old 05-02-2021, 03:44
chants chants is offline
VIP
  
Join Date: Jul 2016
Posts: 737
Rept. Given: 37
Rept. Rcvd 48 Times in 30 Posts
Thanks Given: 671
Thanks Rcvd at 1,064 Times in 482 Posts
chants Reputation: 48
New speculative execution micro op vulnerability PoC
Anyone know where we can get a Proof of Concept for the new vulnerability?

The 2018 one is here in C:
https://github.com/crozone/SpectrePoC
Javascript:
https://github.com/google/security-research-pocs/tree/master/spectre.js and demo https://leaky.page

Press release from University: https://engineering.virginia.edu/news/2021/04/defenseless

Would be really interesting to see the technical details...

My suspicion is they pretend to jump to and execute the protected memory region to load it rather than doing indirect addressing. Which makes it surprising it took 3 years more to figure this out.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (05-02-2021)