Meltdown
Abstract
The security of computer systems fundamentally relies on memory isolation,
e.g., kernel address ranges are marked as non-accessible and are protected from
user access. In this paper, we present Meltdown. Meltdown exploits side effects
of out-of-order execution on mod- ern processors to read arbitrary
kernel-memory locations including personal data and passwords. Out-of-order
execution is an indispensable performance feature and present in a wide range
of modern processors. The attack is independent of the operating system, and it
does not rely on any software vulnerabilities. Meltdown breaks all security
assumptions given by address space isola- tion as well as paravirtualized
environments and, thus, every security mechanism building upon this foundation.
On affected systems, Meltdown enables an adversary to read memory of other
processes or virtual machines in the cloud without any permissions or
privileges, affect- ing millions of customers and virtually every user of a
personal computer. We show that the KAISER defense mechanism for KASLR [8] has
the important (but inad- vertent) side effect of impeding Meltdown. We stress
that KAISER must be deployed immediately to prevent large-scale exploitation of
this severe information leak- age.
https://meltdownattack.com/meltdown.pdf
----------------------------------------------------------------------
You can UNSUBSCRIBE from the OpenDTV list in two ways:
- Using the UNSUBSCRIBE command in your user configuration settings at
FreeLists.org
- By sending a message to: opendtv-request@xxxxxxxxxxxxx with the word
unsubscribe in the subject line.
