Linux kernel impacted by new SLUBStick cross-cache attack

August 3, 2024 at 03:41PM SLUBStick, a novel Linux Kernel cross-cache attack, has a 99% success rate in escalating privileges and escaping containers by exploiting a heap vulnerability. It works with modern kernel defenses and will be presented at the upcoming Usenix Security Symposium. The attack provides benefits to attackers, including privilege escalation and container … Read more

It’s 2024 and Intel silicon is still haunted by data-spilling Spectre

April 10, 2024 at 04:32PM VU Amsterdam academics discovered that Intel CPU cores are still vulnerable to Spectre attacks, despite mitigations. They created InSpectre Gadget, which can find code snippets to bypass protections, even on chips with Spectre defenses. The tool helped develop Native Branch History Injection exploit, allowing access to sensitive data. AMD and … Read more