Security Researchers Detail New "BlindSide" Speculative Execution Attack

Tech News :

BlindSide - VUSec

BlindSide allows attackers to "hack blind" in the Spectre era. That is, given a simple buffer overflow in the kernel and no additional info leak vulnerability, BlindSide can mount BROP-style attacks in the speculative execution domain to repeatedly probe and derandomize the kernel address space, craft arbitrary memory read gadgets, and enable reliable exploitation.

Post a Comment