Variant 1 enables out-of-bounds memory reads in code that was previously thought to be safe. This vulnerability affects specific sequences within compiled applications, which must be addressed on a per-binary basis (e.g. browser patches).
-
-
Show this thread
-
Variant 3 is analogous to variant 1, except it enables reading from kernel memory that’s available in the same address space. For Linux, the fix is KPTI (Kernel Page Table Isolation); other operating systems have similar mitigations.
Show this thread -
Variant 2 enables variant 1 across protection domains on the same CPU core (e.g. across guest/host mode, CPU rings, or processes). Fixing requires a microcode update from the CPU vendor, or hypervisor software mitigations such as Retpoline.
Show this thread
End of conversation
New conversation -
-
-
Security By Just Not Doing Anything At All™
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Good question.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.