View Single Post
  #1  
Old 05-02-2021, 03:44
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 725
Rept. Given: 35
Rept. Rcvd 48 Times in 30 Posts
Thanks Given: 666
Thanks Rcvd at 1,053 Times in 478 Posts
chants Reputation: 48
New speculative execution micro op vulnerability PoC

Anyone know where we can get a Proof of Concept for the new vulnerability?

The 2018 one is here in C:
https://github.com/crozone/SpectrePoC
Javascript:
https://github.com/google/security-research-pocs/tree/master/spectre.js and demo https://leaky.page

Press release from University: https://engineering.virginia.edu/news/2021/04/defenseless

Would be really interesting to see the technical details...

My suspicion is they pretend to jump to and execute the protected memory region to load it rather than doing indirect addressing. Which makes it surprising it took 3 years more to figure this out.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (05-02-2021)