本当ã«ã‚ã‹ã‚‹ Spectre 㨠MeltdownmacOSã®ä»®æƒ³åŒ–技術ã«ã¤ã„㦠~Virtualization-rs Rust bindings for virtualization.framework ~
Meltdown/Spectreã®è„†å¼±æ€§ã€ãƒªã‚¹ã‚¯ã€å¯¾ç–
“Stay Rightâ€ãƒšãƒ³ãƒ†ã‚¹ãƒˆä½“験:SANS Holiday Hack Challenge 2017ã®è§£èª¬ & Walkthrough
Meltdown and Spectre
Meltdown and Spectre Vulnerabilities in modern computers leak passwords and sensitive data. Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spec
Reading privileged memory with a side-channel - Project Zero
We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models
CPUã®è„†å¼±æ€§ Meltdownã¨Spectreã«ã¤ã„ã¦ã¾ã¨ã‚ã¦ã¿ãŸ - piyolog
2018å¹´1月3æ—¥ã«CPUã«é–¢é€£ã™ã‚‹3ã¤ã®è„†å¼±æ€§æƒ…å ±ãŒå…¬é–‹ã•ã‚Œã¾ã—ãŸã€‚å ±å‘Šè€…ã«ã‚ˆã‚‹ã¨ã“れらã®è„†å¼±æ€§ã¯Meltdownã€Spectreã¨å‘¼ç§°ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã“ã§ã¯é–¢é€£æƒ…å ±ã‚’ã¾ã¨ã‚ã¾ã™ã€‚ 脆弱性ã®æ¦‚è¦ å ±å‘Šè€…ãŒè„†å¼±æ€§æƒ…å ±ã‚’æ¬¡ã®å°‚用サイトã§å…¬é–‹ã—ãŸã€‚ Meltdown and Spectre (ã¾ãŸã¯ã“ã¡ã‚‰) 3ã¤ã®è„†å¼±æ€§ã®æ¦‚è¦ã‚’ã¾ã¨ã‚ã‚‹ã¨æ¬¡ã®é€šã‚Šã€‚ 脆弱性ã®å称 Meltdown Spectre CVE CVE-2017-5754(Rogue data cache load) CVE-2017-5753(Bounds check bypass) CVE-2017-5715(Branch target injection) 影響をå—ã‘ã‚‹CPU Intel Intelã€AMDã€ARM CVSSv3 基本値 4.7(JPCERT/CC) 5.6(NIST) â†ã«åŒã˜ PoC å ±å‘Šè€…éžå…¬é–‹ è«–æ–‡ä¸ã«x
1
ランã‚ング
ランã‚ング
ãŠçŸ¥ã‚‰ã›
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
処ç†ã‚’実行ä¸ã§ã™
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
{{#tags}}- {{label}}
{{/tags}}