Questions tagged [speculative-store-bypass]
The speculative-store-bypass tag has no summary.
5 questions
1 vote
0 answers
246 views
Spectre Mitigations Output for sucessful patch
I got the results of an internal pentest at my company and the job to fix it. The paper they gave me looked like the output i got from microsofts speculativecontrol powershell script from https://...
- 74
3 votes
0 answers
429 views
VirtualBox & Spectre V4
I found the following ticket in the VirtualBox issue tracker: https://www.virtualbox.org/ticket/17987 The important (in the context of this question) part is that the guest OS (Debian) running in ...
- 191
1 vote
0 answers
232 views
Software mitigation for variant 3a (rogue system register read) and variant 4 (speculative store bypass)
AFAIK, all mitigable meltdown / spectre variants have software mitigation except for variant 3a and 4. Why is this the case? For variant 4, a straightforward software mitigation is to place lfence ...
- 183
16 votes
2 answers
4k views
Are new AMD processors more secure than Intel ones?
Since the discovery of Meltdown and Spectre, CPU security has been compromised and trust to the main manufacturers reduced, particularly Intel. 8 months later I wonder, what CPUs are more secure at ...
- 163
0 votes
1 answer
527 views
What is the attack vector for CVE-2018-3639 Speculative Store Bypass?
We use Web Application deployed on a CentOS server. Can the attack will be performed via a browser? Or the attacker need a physical access to the CentOS server? I cannot understand the attack vector ...
- 1,479