Wikipedia

Microarchitectural Data Sampling: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Updated CVE information in info box
Citation bot (talk | contribs)
Bots
5,869,863 edits
Alter: title, template type. Removed parameters. | Use this bot. Report bugs. | Suggested by AManWithNoPlan | #UCB_webform 735/1563
Line 20:
| website = {{URL|https://mdsattacks.com|mdsattacks.com}} {{URL|https://zombieloadattack.com|ZombieLoadAttack.com}}
}}
The '''Microarchitectural Data Sampling''' ('''MDS''') [[vulnerability (computing)|vulnerabilities]] are a set of weaknesses in [[Intel CPUs|Intel x86 microprocessors]] that use [[hyper-threading]], and leak data across protection boundaries that are architecturally supposed to be secure. The attacks exploiting the vulnerabilities have been labeled '''Fallout''', '''RIDL''' (''Rogue In-Flight Data Load''), '''ZombieLoad'''.,<ref name="new"/><ref>[https://www.heise.de/security/meldung/Spectre-NG-Luecken-OpenBSD-schaltet-Hyper-Threading-ab-4087035.html Spectre-NG-Lücken: OpenBSD schaltet Hyper-Threading ab], heise.de, 2018-06, accessed 2019-09-29</ref><ref>[https://www.youtube.com/watch?v=sDrRvrh16ws&t=75 Let's Talk To Linux Kernel Developer Greg Kroah-Hartman | Open Source Summit, 2019], TFIR, 2019-09-03</ref> and '''ZombieLoad 2'''.<ref>{{Cite web|url=https://www.forbes.com/sites/daveywinder/2019/11/13/zombie-inside-intel-confirms-zombieload-2-security-threat/|title=Intel Confirms ‘ZombieLoad'ZombieLoad 2’2' Security Threat|last=Winder|first=Davey|date=2019-11-13|website=[[Forbes]]|language=en|url-status=live|archive-url=https://archive.today/20200114182955/https://www.forbes.com/sites/kateoflahertyuk/2020/01/14/new-citrix-security-alert-us-government-issues-test-tool-for-serious-flaw/%2352628b892865|archive-date=14 January 2020|access-date=2020-01-14}}</ref>
 
==Description==
Line 61:
== Further reading ==
=== Original papers by the researchers ===
* {{cite paperweb |title=ZombieLoad: Cross-Privilege-Boundary Data Sampling |author-first1=Michael |author-last1=Schwarz |author-first2=Moritz |author-last2=Lipp |author-first3=Daniel |author-last3=Moghimi |author-first4=Jo |author-last4=Van Bulck |author-first5=Julian |author-last5=Stecklina |author-first6=Thomas |author-last6=Prescher |author-first7=Daniel |author-last7=Gruss |format=[[PDF]] |url=https://zombieloadattack.com/zombieload.pdf |date=2019-05-14}}
* {{cite paperweb |title=RIDL: Rogue In-Flight Data Load |author-first1=Stephan |author-last1=van Schaik |author-first2=Alyssa |author-last2=Milburn |author-first3=Sebastian |author-last3=Österlund |author-first4=Pietro |author-last4=Frigo |author-first5=Giorgi |author-last5=Maisuradze |author-first6=Kaveh |author-last6=Razavi |author-first7=Herbert |author-last7=Bos |author-first8=Cristiano |author-last8=Giuffrida |format=[[PDF]] |url=https://mdsattacks.com/files/ridl.pdf |date=2019-05-14}}
* {{cite paperweb |title=Fallout: Reading Kernel Writes From User Space |author-first1=Marina |author-last1=Minkin |author-first2=Daniel |author-last2=Moghimi |author-first3=Moritz |author-last3=Lipp |author-first4=Michael |author-last4=Schwarz |author-first5=Jo |author-last5=Van Bulck |author-first6=Daniel |author-last6=Genkin |author-first7=Daniel |author-last7=Gruss |author-first8=Frank |author-last8=Piessens |author-first9=Berk |author-last9=Sunar |author-first10=Yuval |author-last10=Yarom |format=[[PDF]] |url=https://mdsattacks.com/files/fallout.pdf |date=2019-05-14}}
* {{cite paperweb |title=ZombieLoad: Cross Privilege-Boundary Data Leakage |author-first1=Jacek |author-last1=Galowicz |author-first2=Thomas |author-last2=Prescher |author-first3=Julian |author-last3=Stecklina |url=https://www.cyberus-technology.de/posts/2019-05-14-zombieload.html |publisher=Cyberus Technology GmbH |date=2019-05-14}}
* {{cite web |url=https://cpu.fail/ |title=cpu.fail |date=2019-05-14 |publisher=[[Graz University of Technology]]}}
 
Retrieved from "https://en.wikipedia.org/wiki/Microarchitectural_Data_Sampling"