“Speculative optimizations execute code in a non-secure manner leaving data traces in microarchitecture such as cache.”
Can only dump
linux_proc_bannerat the moment, since requires accessed memory to be in cache and
linux_proc_banneris cached on every read from
/proc/version. Might work with
Build and run
make, run with
Can’t defeat KASLR yet, so you may need to enter your password to find
linux_proc_banner in the
/proc/kallsyms (or do it manually).
If it compiles but fails with
Illegal instruction then either your hardware is very old or it is a VM. Try compiling with:
$ make CFLAGS=-DHAVE_RDTSCP=0 clean all
Pandora’s box is open.
Vulnerable CPUs list
Here the list (continuosly updated): https://github.com/paboldin/meltdown-exploit/issues/19