Security vulnerability : Speculative Load Hazards Boost Rowhammer and Cache Attacks aka "SPOILER"

  • 7023745
  • 25-Feb-2019
  • 11-Apr-2019

Environment

SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15

Situation

Researchers have identified a new side channel attack against CPUs, that allows local attackers able to execute code to gain information about virtual to physical memory mapping layout.

This side channel attack allows more efficient Rowhammer or other side channel attacks like Probe+Prime, but it does not gain access to secret memory content on its own.

Resolution

Mitigations that address this specific problem are not possible, but methods to block further attacks like Meltdown or Spectre have been implemented in SUSE Linux products by using KPTI (Kernel page-table isolation) and other side channel avoidance methods.

Cause

Additional Information

Feedback service temporarily unavailable. For content questions or problems, please contact Support.