Related papers: Fallout: Reading Kernel Writes From User Space

200 papers

The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present Meltdown. Meltdown exploits side effects of…

Cryptography and Security · Computer Science 2018-01-08 Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, Mike Hamburg

Recent transient-execution attacks, such as RIDL, Fallout, and ZombieLoad, demonstrated that attackers can leak information while it transits through microarchitectural buffers. Named Microarchitectural Data Sampling (MDS) by Intel, these…

Cryptography and Security · Computer Science 2020-06-25 Stephan van Schaik, Marina Minkin, Andrew Kwong, Daniel Genkin, Yuval Yarom

The transient-execution attack Meltdown leaks sensitive information by transiently accessing inaccessible data during out-of-order execution. Although Meltdown is fixed in hardware for recent CPU generations, most currently-deployed CPUs…

Cryptography and Security · Computer Science 2023-10-09 Daniel Weber, Fabian Thomas, Lukas Gerlach, Ruiyi Zhang, Michael Schwarz

In early 2018, Meltdown first showed how to read arbitrary kernel memory from user space by exploiting side-effects from transient instructions. While this attack has been mitigated through stronger isolation boundaries between user and…

Cryptography and Security · Computer Science 2019-05-15 Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, Daniel Gruss

Meltdown and Spectre exploit microarchitectural changes the CPU makes during transient out-of-order execution. Using side-channel techniques, these attacks enable leaking arbitrary data from memory. As state-of-the-art software mitigations…

Cryptography and Security · Computer Science 2021-03-08 Michael Schwarz, Claudio Canella, Lukas Giner, Daniel Gruss

Transient execution attacks, also called speculative execution attacks, have drawn much interest as they exploit the transient execution of instructions, e.g., during branch prediction, to leak data. Transient execution is fundamental to…

Cryptography and Security · Computer Science 2020-09-01 Wenjie Xiong, Jakub Szefer

Research on transient execution attacks including Spectre and Meltdown showed that exception or branch misprediction events might leave secret-dependent traces in the CPU's microarchitectural state. This observation led to a proliferation…

Recent discovery of security attacks in advanced processors, known as Spectre and Meltdown, has resulted in high public alertness about security of hardware. The root cause of these attacks is information leakage across "covert channels"…

Cryptography and Security · Computer Science 2018-12-13 Mohammad Rahmani Fadiheh, Dominik Stoffel, Clark Barrett, Subhasish Mitra, Wolfgang Kunz

We propose using reinforcement learning to address the challenges of discovering microarchitectural vulnerabilities, such as Spectre and Meltdown, which exploit subtle interactions in modern processors. Traditional methods like random…

Cryptography and Security · Computer Science 2025-02-21 M. Caner Tol, Kemal Derya, Berk Sunar

In the last two decades, the evolving cyber-threat landscape has brought to center stage the contentious tradeoffs between the security and performance of modern microprocessors. The guarantees provided by the hardware to ensure no…

Cryptography and Security · Computer Science 2023-05-26 Nikhilesh Singh, Vinod Ganesan, Chester Rebeiro

Runahead execution is a continuously evolving microarchitectural technique for processor performance. This paper introduces the first transient execution attack on the runahead execution, called SPECRUN, which exploits the unresolved branch…

Hardware Architecture · Computer Science 2023-12-05 Chaoqun Shen, Gang Qu, Jiliang Zhang

The transient execution attack is a type of attack leveraging the vulnerability of modern CPU optimization technologies. New attacks surface rapidly. The side-channel is a key part of transient execution attacks to leak data. In this work,…

Cryptography and Security · Computer Science 2023-04-24 Yu Jin, Pengfei Qiu, Chunlu Wang, Yihao Yang, Dongsheng Wang, Gang Qu

This paper evaluates new security threats due to the processor frontend in modern Intel processors. The root causes of the security threats are the multiple paths in the processor frontend that the micro-operations can take: through the…

Cryptography and Security · Computer Science 2022-01-04 Shuwen Deng, Bowen Huang, Jakub Szefer

Recently discovered Spectre and Meltdown attacks affect almost all processors by leaking confidential information to other processes through side-channel attacks. These vulnerabilities expose design flaws in the architecture of modern…

Cryptography and Security · Computer Science 2020-06-03 Bilal Ali Ahmad

We present uSpectre, a new class of transient execution attacks that exploit microcode branch mispredictions to transiently leak sensitive data. We find that many long-known and recently-discovered transient execution attacks, which were…

Cryptography and Security · Computer Science 2025-01-23 Nicholas Mosier, Hamed Nemati, John C. Mitchell, Caroline Trippel

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko, Flavien Solt, Cédric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos

Recent years have brought microarchitectural security into the spotlight, proving that modern CPUs are vulnerable to several classes of microarchitectural attacks. These attacks bypass the basic isolation primitives provided by the…

Cryptography and Security · Computer Science 2021-08-25 Saidgani Musaev, Christof Fetzer

We introduce a new timing side-channel attack on Intel CPU processors. Our Frontal attack exploits timing differences that arise from how the CPU frontend fetches and processes instructions while being interrupted. In particular, we observe…

Cryptography and Security · Computer Science 2021-06-08 Ivan Puddu, Moritz Schneider, Miro Haller, Srdjan Čapkun

Fault-injection attacks have been proven in the past to be a reliable way of bypassing hardware-based security measures, such as cryptographic hashes, privilege and access permission enforcement, and trusted execution environments. However,…

Cryptography and Security · Computer Science 2019-12-11 Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz, Ahmad-Reza Sadeghi

Recent work has shown that out-of-order and speculative execution mechanisms used to increase performance in the majority of processors expose the processors to critical attacks. These attacks, called Meltdown and Spectre, exploit the side…

Cryptography and Security · Computer Science 2025-11-25 Subhash Sethumurugan, Hari Cherupalli, Kangjie Lu, John Sartori