CVE-2019-1125, “SWAPGS Attack”: a new speculative execution side-channel attack

Security researchers at Bitdefender disclosed a new way of exploiting a flaw in Intel chips.

Continue reading “CVE-2019-1125, “SWAPGS Attack”: a new speculative execution side-channel attack”

Check your system for several “speculative execution” vulnerabilities with a single bash script

After the first disclosure of CVEs related to speculative execution vulnerabilities (Meltdown and Spectre) on CPUs, a lot of researcher started to analyze the CPUs in order to find other vulerabilities and possible exploit techniques.

Just some days ago a new a speculative execution attack on Intel processors has been released.

Continue reading “Check your system for several “speculative execution” vulnerabilities with a single bash script”

In-Spectre-Meltdown: a PoC for Meltdown and Spectre vulnerabilities

In-Spectre-Meltdown is a PoC developed by Viral Maniar using Python and Powershell to check speculative execution side-channel attacks that affect many modern processors and operating systems designs that allows unprivileged processes to steal secrets from privileged processes.
Continue reading “In-Spectre-Meltdown: a PoC for Meltdown and Spectre vulnerabilities”

Meltdown and Spectre: what we know about the vulnerabilities in CPUs?

In the last hours, the vulnerabilities of the CPU have had a great prominence even in the non-specialized press.
So, I think that would be useful trying to summarize the situation in a simple way.

Continue reading “Meltdown and Spectre: what we know about the vulnerabilities in CPUs?”