The Hacker News
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
December 9^th 2023 at 11:52

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

By Newsroom

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as well as its analogous

Related tags
December 9^th 2023 at 11:52

The Hacker News
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
November 15^th 2023 at 07:52

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

By Newsroom

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's

Related tags
November 15^th 2023 at 07:52

The Hacker News
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
November 14^th 2023 at 18:40

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

By Newsroom

A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and the

Related tags
November 14^th 2023 at 18:40

The Hacker News
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
August 9^th 2023 at 15:39

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

By THN

Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as

Related tags
August 9^th 2023 at 15:39

The Hacker News
ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors
August 16^th 2022 at 14:58

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

By Ravie Lakshmanan

A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. Dubbed ÆPIC Leak, the weakness is the first-of-its-kind to architecturally disclose sensitive data in a manner that's akin to an "uninitialized memory read in the CPU itself." "In contrast to transient execution

Related tags
August 16^th 2022 at 14:58

FreshRSS

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors