Thread: New speculative execution micro op vulnerability PoC
View Single Post
  #1  
Old 05-02-2021, 03:44
chants chants is offline
VIP
  
Join Date: Jul 2016
Posts: 826
Rept. Given: 47
Rept. Rcvd 50 Times in 31 Posts
Thanks Given: 737
Thanks Rcvd at 1,140 Times in 529 Posts
chants Reputation: 51
New speculative execution micro op vulnerability PoC
Anyone know where we can get a Proof of Concept for the new vulnerability?

The 2018 one is here in C:
https://github.com/crozone/SpectrePoC
Javascript:
https://github.com/google/security-research-pocs/tree/master/spectre.js and demo https://leaky.page

Press release from University: https://engineering.virginia.edu/news/2021/04/defenseless

Would be really interesting to see the technical details...

My suspicion is they pretend to jump to and execute the protected memory region to load it rather than doing indirect addressing. Which makes it surprising it took 3 years more to figure this out.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (05-02-2021)