Spoiler (Security Vulnerability)

From Handwiki
Short description: Security vulnerability on CPUs that use speculative execution
Spoiler
CVE identifier(s)CVE-2019-0162
Date discoveredNovember 2018; 5 years ago (2018-11)
DiscovererUnited States Worcester Polytechnic Institute
Germany University of Lübeck
Affected hardwareModern Intel microprocessors

Spoiler is a security vulnerability on modern computer central processing units that use speculative execution. It exploits side-effects of speculative execution to improve the efficiency of Rowhammer and other related memory and cache attacks. According to reports, all modern Intel Core CPUs are vulnerable to the attack (As of 2019).[1][2] AMD has stated that its processors are not vulnerable.[3][4]

Spoiler was issued a Common Vulnerabilities and Exposures ID of CVE-2019-0162.

See also

  • Hardware security bug
  • Meltdown (security vulnerability)
  • Microarchitectural Data Sampling

References

  1. Tung, Liam. "All Intel chips open to new Spoiler non-Spectre attack: Don't expect a quick fix" (in en). https://www.zdnet.com/article/all-intel-chips-open-to-new-spoiler-non-spectre-attack-dont-expect-a-quick-fix/. 
  2. Owen, Malcolm; March 05; 2019; PT, 01:42 pm. "New 'Spoiler' vulnerability in all Intel Core processors exposed by researchers" (in en). https://appleinsider.com/articles/19/03/05/new-spoiler-vulnerability-in-all-intel-core-processors-exposed-by-researchers. 
  3. "SPOILER | AMD". https://www.amd.com/en/support/kb/faq/pa-240. 
  4. "AMD Confirms Its Processors Aren't Impacted by Spoiler Vulnerability" (in en). 2019-03-17. https://www.tomshardware.com/news/amd-processor-intel-spoiler-vulnerability,38841.html. 

External links

  • Islam, Saad; Moghimi, Ahmad; Bruhns, Ida; Krebbel, Moritz; Gulmezoglu, Berk; Eisenbarth, Thomas; Sunar, Berk (2019-03-01). "SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks". arXiv:1903.00446v1.
  • CVE-2019-0162 at National Vulnerability Database





Retrieved from "https://handwiki.org/wiki/index.php?title=Spoiler_(security_vulnerability)&oldid=76941"

Categories: [Computer security exploits]

Download as ZWI file | Last modified: 11/11/2024 03:00:21 | 3 views
☰ Source: https://handwiki.org/wiki/Spoiler_(security_vulnerability) | License: CC BY-SA 3.0

ZWI is not signed. [what is this?]

ZWI viewer by the EncyclosphereKSF