Security exploit
-
- Generalissimo Postalot
- Posts: 774
- Joined: Mar 22nd, 2009, 8:11 pm
Security exploit
I came across this article on the Engadget website yesterday, which they describe as a serious un-fixable security exploit for those with older Intel machines.
http://www.engadget.com/2015/08/08/intel-memory-sinkhole-flaw/
-
- Grand Pooh-bah
- Posts: 2722
- Joined: Mar 29th, 2009, 3:32 pm
Re: Security exploit
The whitepaper: https://www.blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf
There's already POC code out there for this: https://github.com/xoreaxeaxeax/sinkhole
Of course, everyone has jumped all over this with "ZOMG, we're all doomed!!!" type articles.
A more rational analysis of the exploit and the whitepaper: http://www.tomshardware.com/news/blackhat-x86architecture-vulnerability-disclosed,29800.html
TLDR; Yes, this is a real vulnerability. It's also incredibly difficult to pull off.
"The coarse granularity of the APIC position, combined with the inability to effectively control the APIC data, makes the vulnerability extremely difficult, but not impossible, to apply in practice"
I'd like to change your mind, but I don't have a fresh diaper.
-
- Generalissimo Postalot
- Posts: 774
- Joined: Mar 22nd, 2009, 8:11 pm
Re: Security exploit
36Drew wrote: A more rational analysis of the exploit and the whitepaper: http://www.tomshardware.com/news/blackh ... 29800.html
It's been a while since I've been on the Tom's website.
That's a good link -- thanks for posting it.