Conversation
James Morris
jmorris
Edited 2 days ago
Interesting paper: "Enter, Exit, Page Fault, Leak: Testing Isolation Boundaries for Microarchitectural Leaks"
https://www.microsoft.com/en-us/research/publication/enter-exit-page-fault-leak-testing-isolation-boundaries-for-microarchitectural-leaks/
"We found 4 new cross-domain leaks, successfully detected all 6 known leaks possible in the configurations that we tested and reproduced 6 known flaws in patches."
e.g.:
"We discovered a microarchitectural effect on AMD3 that allows an attacker VM to selectively infer any bit from the memory of another VM, provided the victim VM has previously accessed (i.e., cached) this bit. By repeatedly exploiting this effect, the attacker VM could read the victim’s memory one bit at a time, and thus learn the contents of an arbitrary memory range used by the victim. "
https://www.microsoft.com/en-us/research/publication/enter-exit-page-fault-leak-testing-isolation-boundaries-for-microarchitectural-leaks/
"We found 4 new cross-domain leaks, successfully detected all 6 known leaks possible in the configurations that we tested and reproduced 6 known flaws in patches."
e.g.:
"We discovered a microarchitectural effect on AMD3 that allows an attacker VM to selectively infer any bit from the memory of another VM, provided the victim VM has previously accessed (i.e., cached) this bit. By repeatedly exploiting this effect, the attacker VM could read the victim’s memory one bit at a time, and thus learn the contents of an arbitrary memory range used by the victim. "
0
4
3