Head Topics

Linux kernel logic allowed Spectre attack on major cloud

Österreich Nachrichten Nachrichten

Linux kernel logic allowed Spectre attack on major cloud
Österreich Neuesten Nachrichten,Österreich Schlagzeilen
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 53 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 24%
  • Publisher: 61%

Linux kernel logic allowed Spectre attack on 'major cloud provider'

), a mechanism to restrict speculation of indirect branches, which tell processors to start executing instructions at a new location., which Intel calls Branch Target Injection. Branch Target Injection is a technique for training branch predictors to speculatively execute certain instructions in order to infer data in the processor cache using a timing side-channel.

IBRS comes in two flavors: basic and enhanced. And it's the basic flavor that proved distasteful from a security standpoint. The bug hunters who identified the issue found that Linux userspace processes to defend against Spectre v2 didn't work on VMs of"at least one major cloud provider."that opted out of STIBP , a defense against the sharing of branch prediction between logical processors on a core.

"The IBRS bit implicitly protects against cross-thread branch target injection," the bug report explains."However, with legacy IBRS, the IBRS bit was cleared on returning to userspace, due to performance reasons, which disabled the implicit STIBP and left userspace threads vulnerable to cross-thread branch target injection against which STIBP protects.

The ghostly flaw was identified by Rodrigo Rubira Branco , when he was at Google, and José Luiz. KP Singh, part of Google's kernel team, who worked on the fix and coordinated with the Linux maintainers to resolve the issue.

Wir haben diese Nachrichten zusammengefasst, damit Sie sie schnell lesen können. Wenn Sie sich für die Nachrichten interessieren, können Sie den vollständigen Text hier lesen. Weiterlesen:

TheRegister /  🏆 67. in UK

Österreich Neuesten Nachrichten, Österreich Schlagzeilen

Similar News:Sie können auch ähnliche Nachrichten wie diese lesen, die wir aus anderen Nachrichtenquellen gesammelt haben.

Sing when you’re spinning: Strava announces “first of its kind” in-app integration with SpotifySing when you’re spinning: Strava announces “first of its kind” in-app integration with SpotifySing when you’re spinning: Strava announces “first of its kind” in-app integration with Spotify What do you reckon will be on Mathieu van der Poel’s first Strava playlist? cycling
Weiterlesen »

Counter-Strike is getting a virtual esports stadiumCounter-Strike is getting a virtual esports stadiumVirtex is launching the first ever virtual esports stadium to allow viewers to watch matches from inside the arena - an…
Weiterlesen »

Cancer breakthrough could see blood test used to predict how disease spreadsCancer breakthrough could see blood test used to predict how disease spreadsBlood tests could one day be used to determine the likelihood of cancer spreading and growing in a patient's body
Weiterlesen »

Endless Dungeon delayed by five monthsEndless Dungeon delayed by five monthsSega has announced that the upcoming squad-based, roguelite tactical action game Endless Dungeon has been delayed into October to allow Amplitude Studios time to 'better incorporate community feedback.'
Weiterlesen »

Thursday weather forecast for Leeds as even more rain comingThursday weather forecast for Leeds as even more rain comingLeeds is set for a day of rain, sun and cloud
Weiterlesen »

Patient who 'slapped and grabbed' young nurse as she treated him is jailedPatient who 'slapped and grabbed' young nurse as she treated him is jailedKieran McGrandles subjected the victim to a prolonged attack at the Royal Victoria Hospital
Weiterlesen »



Render Time: 2025-04-02 13:40:32