
NetSpectre Vulnerability Can Reveal Arbitrary Memory Over Network


  • NetSpectre Vulnerability Can Reveal Arbitrary Memory Over Network

    Phoronix: NetSpectre Vulnerability Can Reveal Arbitrary Memory Over Network

    NetSpectre is a new network-based speculative attack vulnerability that doesn't require exploited code to be running on the target machine...

    http://www.phoronix.com/scan.php?pag...&px=NetSpectre

  • #2
    Besides the slow rate of data leakage, if your system is patched against the other known Spectre vulnerabilities, it's believed you should be largely same from NetSpectre.
    same=safe?



    • #3
      Aand here goes the safety of network infrastructure.

      Might be slow, but infrastructure is there all day and all the night, and won't be changed or upgraded for decades. In many cases not even patched for software issues.



      • #4
        Originally posted by Darknation

        same=safe?
        Argh.

        Is it possible to mitigate this by adding a small random latency to every packet with tc qdisc? (Of course, it is hurtful to clusters.)



        • #5
          This is crazy..
          So this is a hardware bug in all network cards?
          Or is it an issue where the network card drivers can exploit the CPU Spectre vulnerabilities?



          • #6
            The attack is so hard it's borderline impossible to do in a lab environment.



            • #7
              Originally posted by pracedru
              This is crazy..
              So this is a hardware bug in all network cards?
              Or is it an issue where the network card drivers can exploit the CPU Spectre vulnerabilities?
              Neither, it's "carefully modified network packets sent and received (for analysis) exploiting either applications or drivers through Spectre vulnerabilities".

              They are basically discussing how to exploit the same Spectre vulns in the CPU without having code running in the target system.



              • #8
                Originally posted by pracedru
                This is crazy..
                So this is a hardware bug in all network cards?
                Or is it an issue where the network card drivers can exploit the CPU Spectre vulnerabilities?
                It's trying to exploit Spectre vulnerabilities without needing to run malicious software on the target machine - practically, not a concern. Very difficult to exploit, and only works in a limited number of conditions. And as Michael said in the article, very little information is leaked. Practically not important, but if they can build on it, they might be able to come up with a practical exploit that would pose an actual security concern.



                • #9
                  My first thought is that this is pretty bad for the reasons you point out. It is very hard to have confidence in any hardware these days. I'm just wondering who will be the first hardware vendor to offer up processors resistant to these attacks?

                  Originally posted by starshipeleven
                  Aand here goes the safety of network infrastructure.

                  Might be slow, but infrastructure is there all day and all the night, and won't be changed or upgraded for decades. In many cases not even patched for software issues.



                  • #10
                    wizard69, is there any CPU that we know of with hardware mitigations for Spectre that is expected to be released before Zen 2?
