[Info-vax] Page cache side-channel attack revealed
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Sun Jan 6 20:36:39 EST 2019
From:
https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/
|"We present a set of local attacks that work entirely without any timers,
|utilizing operating system calls (mincore on Linux and QueryWorkingSetEx on
|Windows) to elicit page cache information," wrote the researchers. "We also
|show that page cache metadata can leak to a remote attacker over a network
|channel, producing a stealthy covert channel between a malicious local
|sender process and an external attacker."
Is VMS vulnerable to the same techniques ?
According to the article, a patch has already been produced for Windows.
Note that the paper hasn't been released yet; the Register was given
a copy of the paper.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list