Academics from a university in the Netherlands have published details today about a new vulnerability in Intel processors. From a report: The security bug, which they named CrossTalk, enables attacker-controlled code executing on one CPU core to leak sensitive data from other software running on a different core. The Vrije University’s Systems and Network Security Group (VUSec) says the CrossTalk vulnerability is another type of MDS (microarchitectural data sampling) attack. MDS attacks target user data while in a “transient” state, as it’s being processed inside the CPU and its many data-caching systems. More specifically, CrossTalk attacks data while it’s being processed by the CPU’s Line Fill Buffer (LBF), one of these aforementioned CPU cache systems. According to the VUSec team, the LBF cache actually works with a previously undocumented memory “staging buffer” that is shared by all CPU cores.
of this story at Slashdot.
Source:: Slashdot