-
标题
-
作者Moritz Lipp,Michael Schwarz,Daniel Gruss
-
简介
- Introduction
- Background
- A Toy Example
- Building Blocks of the Attack
- Meltdown
- Evaluation
- Countermeasures
- Discussion
- Conclusion
In this paper, we presented Meltdown, a novel software based side-channel attack exploiting out-of-order execution on modern processors to read arbitrary kernel- and physical-memory locations from an unprivileged user space program. Without requiring any software vulnerability and independent of the operating system, Meltdown enables an adversary to read sensitive data of other processes or virtual machines in the cloud with up to 503KB/s, affecting millions of devices. We showed that the countermeasure KAISER [8], originally proposed to protect from side-channel attacks against KASLR, inadvertently impedes Meltdown as well. We stress that KAISER needs to be deployed on every operating system as a short-term workaround, until Meltdown is fixed in hardware, to prevent large-scale exploitation of Meltdown.
-
提示本站仅做资料的整理和索引,转载引用请注明出处
相关推荐
-
2019-08-26 06:09:11
-
2018-06-28 05:06:43
-
2016-02-22 06:54:44
-
2019-12-27 11:57:16
附件下载
-
meltdown.pdf