Security Researchers Detail New ‘BlindSide’ Speculative Execution Attack (phoronix.com)



from the blindsided dept.

“Security researchers from Amsterdam have publicly detailed ‘BlindSide’ as a new speculative execution attack vector for both Intel and AMD processors,” reports Phoronix:

BlindSide is self-described as being able to “mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation. This works even in face of strong randomization schemes, e.g., the recent FGKASLR or fine-grained schemes based on execute-only memory, and state-of-the-art mitigations against Spectre and other transient execution attacks.”

From a single buffer overflow in the kernel, researchers claim three BlindSide exploits that break KASLR (Kernel Address Space Layout Randomization), break arbitrary randomization schemes, and even break fine-grained randomization.

There’s more information on the researchers’ web site, and they’ve also created an informational video.

And here’s a crucial excerpt from their paper shared by Slashdot reader Hmmmmmm:
In addition to the Intel Whiskey Lake CPU in our evaluation, we confirmed similar results on Intel Xeon E3-1505M v5, Xeon E3-1270 v6 and Core i9-9900K CPUs, based on the Skylake, Kaby Lake and Coffee Lake microarchitectures, respectively, as well as on AMD Ryzen 7 2700X and Ryzen 7 3700X CPUs, which are based on the Zen+ and Zen2 microarchitectures.

Overall, our results confirm speculative probing is effective on a modern Linux system on different microarchitectures, hardened with the latest mitigations.
