Having trouble keeping all the CPU vulns that dropped today straight? Understandable. There's a lot.

This is going to be a thread.
Multiple teams of security researchers around the world independently discovered these vulns and have been loosely coordinating to work on these disclosures together. This process was quite long; it took over a year. Four different whitepapers dropped today.
mdsattacks.com goes over two attacks: RIDL and Fallout. These attacks exploit Microarchitectural Data Sampling (MDS) side channel vulnerabilities in Intel CPUs.

RIDL paper here: mdsattacks.com/files/ridl.pdf
Fallout paper here: mdsattacks.com/files/fallout.…
The mdsattacks.com site also contains a FAQ, videos of exploit demos, a really cool interactive guide to speculative execution attacks (seriously, go play with it) and handy tools to check if your system is vulnerable (links in next tweet).
Verify whether your system is vulnerable to the new MDS CPU attacks with these tools from the RIDL team!

Windows: mdsattacks.com/files/mdstool-…
Linux: mdsattacks.com/files/mdstool-…
GitHub: github.com/vusec/ridl
Also dropped today from TU Graz was #ZombieLoad. ZombieLoad uncovers a novel Meltdown-type effect in previously unexplored fill-buffer logic.

zombieload.com is dedicated to this vuln, w/ FAQ.

Paper here: zombieloadattack.com/zombieload.pdf
Exploit POC here: github.com/IAIK/ZombieLoad
#ZombieLoad is no joke. It has multiple practical attack scenarios across CPU privilege rings, OS processes, VMs, and SGX enclaves.

Disabling hyperthreading is the only possible workaround to prevent this extremely powerful attack on current processors.
But wait, there's more!
cpu.fail contains links to the other CPU vulns, and one more whitepaper, which isn't anywhere else.

This paper on store-to-leak forwarding shows that Meltdown-style attacks can still work on recent CPUs that aren't vulnerable to Meltdown.

cpu.fail/store-to-leak.…
These attacks affect all modern Intel CPUs in servers, desktops and laptops, including the latest 9th-gen processors that contain Meltdown mitigations. 9th-gen CPUs are actually more vulnerable to some of these attacks than older-gen hardware.

AMD and ARM CPUs are not affected.
Blog post from Red Hat with technical detail on MDS vulns (with long deep-dive video): redhat.com/en/blog/unders…

Blog post with technical detail on #ZombieLoad: cyberus-technology.de/posts/2019-05-…

Intel advisory: intel.com/content/www/us…
Red Hat advisory on new CPU vulnerabilities, with CVE numbers

CVE-2018-12130
CVE-2018-12126
CVE-2018-12127
CVE-2019-11091

access.redhat.com/security/vulne…
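
As a complement to the checking tools linked above, here is an added example (not part of the original thread, and not the RIDL team's mdstool) that interprets the MDS status line a patched Linux kernel exposes through sysfs, together with the SMT (hyperthreading) state. The function names and sample lines are constructed for illustration, and the sysfs paths assume a kernel recent enough to report MDS.

```python
from pathlib import Path

# Assumption: a Linux kernel that reports MDS status through sysfs.
CPU = Path("/sys/devices/system/cpu")
SMT_OFF = {"off", "forceoff", "notsupported"}


def assess_mds(mds_status, smt_control=None):
    """Classify the kernel's MDS status line together with the SMT state."""
    head, _, smt_note = (p.strip() for p in mds_status.strip().partition(";"))
    if head == "Not affected":
        return {"affected": False, "buffers_cleared": False,
                "smt_exposed": False, "verdict": "not affected"}
    # "Mitigation: ..." means buffer clearing is active with updated microcode;
    # "Vulnerable: Clear CPU buffers attempted, no microcode" is best effort only.
    cleared = head.startswith("Mitigation:")
    if smt_note in ("SMT disabled", "SMT mitigated") or smt_control in SMT_OFF:
        smt_exposed = False
    else:
        # Covers "SMT vulnerable", "SMT Host state unknown" and a missing note.
        smt_exposed = True
    if not cleared:
        verdict = "vulnerable"
    elif smt_exposed:
        verdict = "partially mitigated: SMT siblings still exposed"
    else:
        verdict = "mitigated"
    return {"affected": True, "buffers_cleared": cleared,
            "smt_exposed": smt_exposed, "verdict": verdict}


def read_local():
    """Assess this machine, or return None if the kernel does not report MDS."""
    mds = CPU / "vulnerabilities" / "mds"
    smt = CPU / "smt" / "control"
    if not mds.is_file():
        return None
    control = smt.read_text().strip() if smt.is_file() else None
    return assess_mds(mds.read_text(), control)


if __name__ == "__main__":
    # Constructed sample lines in the format the kernel uses.
    samples = [("Mitigation: Clear CPU buffers; SMT vulnerable", "on"),
               ("Mitigation: Clear CPU buffers; SMT disabled", "off"),
               ("Vulnerable: Clear CPU buffers attempted, no microcode; SMT vulnerable", "on")]
    for line, control in samples:
        print(f"{line!r} -> {assess_mds(line, control)['verdict']}")
    print("this host:", read_local())
```

A result of `None` from `read_local()` means the kernel predates MDS reporting, which is itself a sign the system has not received the relevant updates.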