Guest blog post, posted by Andrey Konovalov Introduction Lately I’ve been spending some time fuzzing network-related Linux kernel int...| googleprojectzero.blogspot.com
Previously: v4.15.| codeblog
A nice additional benefit of the recent Kernel Page Table Isolation (CONFIG_PAGE_TABLE_ISOLATION) patches (to defend against CVE-2017-5754, the speculative execution “rogue data cache load” or “Meltdown” flaw) is that the userspace page tables visible while running in kernel mode lack the executable bit. As a result, systems without the SMEP CPU feature (before Ivy-Bridge) get it emulated for “free”.| codeblog
Previously: v4.13.| codeblog
Previously: v4.12.| codeblog
Posted by Jann Horn, Project Zero We have discovered that CPU data cache timing can be abused to efficiently leak information out of mi...| googleprojectzero.blogspot.com