Originally posted by pali
View Post
-
Spectre affects almost every modern processor architecture with speculative execution including newer IBM POWER and ARM.
-
Because sound drivers, like any other kernel drivers, run in the ring 0 mode which has access to whole physical memory. And because input to the kernel comes from the untrusted user (who would like to read physical memory to which it does not have access), it is needed to protect a kernel code which is vulnerable to bounds check due to bugs in x86 processors (aka Spectre v1). So imagine that you could prepare special input for these drivers (e.g. some IOCTL or any other syscall) and thanks to Spectre v1 you would use timing attacks to read from unavailable memory.Leave a comment:
-
I do not understand why sound drivers need protecting against Spectre, etc. I do not think that sound drivers use passwords and I assume that this does not protect audio recordings made with the sound hardware. Could someone please say where the risk is with sound drivers?Leave a comment:
-
Typo:
it has uncovered hundreds of potential areas where the kernel's C could could
One could is sufficient.Leave a comment:
-
Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability
Phoronix: Linux Kernel Hardens Sound Drivers Against Spectre V1 Vulnerability
As part of fixes landing for the Linux kernel sound drivers, several sound drivers were hardened against Spectre Variant One...
Leave a comment: