Skip to content

system calls are vulnerable to Spectre V1 attacks on CPUs with speculative execution #14125

New issue
New issue
Closed
Bug
Closed
system calls are vulnerable to Spectre V1 attacks on CPUs with speculative execution#14125
Bug
Assignees
andrewboie
Labels
area: Memory ProtectionbugThe issue is a bug, or the PR is fixing a bugpriority: highHigh impact/importance bug
@andrewboie

Description

@andrewboie
andrewboie
opened on Mar 6, 2019

Describe the bug
This paper is a good summary:
https://arxiv.org/pdf/1902.05178.pdf

We have, either in-tree or in code review, mitigations for Meltdown, Foreshadow, Spectre V2, Spectre V4. Although recent research has a poor prognosis on ever mitigating all of these attacks on affected CPUs, we would like to at least ensure that bounds-check-bypass style attacks (Spectre V1) cannot be performed with system call arguments which index some array.

Metadata

Metadata

Assignees

Labels

area: Memory ProtectionbugThe issue is a bug, or the PR is fixing a bugpriority: highHigh impact/importance bug

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions