Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Tuesday January 02 2018, @02:29AM   Printer-friendly
from the starting-off-the-new-year-right dept.

Spotted over on HN:

The mysterious case of the Linux Page Table Isolation patches (archive)

tl;dr: there is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case the software fix causes huge slowdowns in typical workloads. There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine, and additional hints the exact attack may involve a new variant of Rowhammer.

Turns out 2018 might be more interesting than first thought. So grab some popcorn and keep those systems patched!


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Tuesday January 02 2018, @12:06PM (4 children)

    by Anonymous Coward on Tuesday January 02 2018, @12:06PM (#616691)

    This is security sensationalism for you. Because all the truly severe stuff is a thing of the past everything that remains gets blown out of proportion.

  • (Score: 0) by Anonymous Coward on Tuesday January 02 2018, @12:44PM (3 children)

    by Anonymous Coward on Tuesday January 02 2018, @12:44PM (#616696)

    This is security sensationalism for you. Because all the truly severe stuff is a thing of the past everything that remains gets blown out of proportion.

    x86 prefetch instructions allow unprivileged processes to fetch privileged memory to cache but it appears there's a more severe and specific attack on Intel microarchitecture. Kindly do tell, what proportion is appropriate here?

    • (Score: 2) by LoRdTAW on Tuesday January 02 2018, @01:45PM

      by LoRdTAW (3755) on Tuesday January 02 2018, @01:45PM (#616710) Journal

      This is what happens when the poster doesn't understand the article, feels stupid, gets mad about feeling stupid and says something dumb.

    • (Score: 0) by Anonymous Coward on Tuesday January 02 2018, @04:30PM (1 child)

      by Anonymous Coward on Tuesday January 02 2018, @04:30PM (#616753)

      Severe: Remote code execution via malformed ping that anybody can do in their sleep (old school sploit shit).
      Modern: Some cryptic stuff that nobody is going to bother doing on a large scale (low hanging fruit and all) except in highly targeted attacks (and if you're at the receiving end of one of these it doesn't matter what you do, you will get pwnt).

      • (Score: 0) by Anonymous Coward on Tuesday January 02 2018, @05:06PM

        by Anonymous Coward on Tuesday January 02 2018, @05:06PM (#616773)

        Severe: Remote code execution via malformed ping that anybody can do in their sleep (old school sploit shit).
        Modern: Some cryptic stuff

        "math is hard". Let me guess, you were an expert in the ping of death for a whole weekend 20 years ago and now only really use your computer for online banking?