| Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with
and take advantage of SourceForge’s massive reach. Check out all of SourceForge’s
Follow Slashdot on LinkedIn
“Security researchers from Amsterdam have publicly detailed ‘BlindSide’ as
,” reports Phoronix:
BlindSide is self-described as being able to “mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation. This works even in face of strong randomization schemes, e.g., the recent FGKASLR or fine-grained schemes based on execute-only memory, and state-of-the-art mitigations against Spectre and other transient execution attacks.”
From a single buffer overflow in the kernel, researchers claim three BlindSide exploits in being able to break KASLR (Kernel Address Space Layout Randomization), break arbitrary randomization schemes, and even break fine-grained randomization.
There’s more information
, and they’ve also created
And here’s a crucial excerpt from their paper shared by Slashdot reader Hmmmmmm:
In addition to the Intel Whiskey Lake CPU in our evaluation, we confirmed similar results on Intel Xeon E3-1505M v5, XeonE3-1270 v6 and Core i9-9900K CPUs, based on the Skylake, KabyLake and Coffee Lake microarchitectures, respectively, as well as on AMD Ryzen 7 2700X and Ryzen 7 3700X CPUs, which are based on the Zen+ and Zen2 microarchitectures.
Overall, our results confirm speculative probing is effective on a modern Linux system on different microarchitectures, hardened with the latest mitigations.
A conference is a gathering of important people who singly can do nothing
but together can decide that nothing can be done.
— Fred Allen