Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 7 Jan 2019 08:43:40 +0100
From: Marcus Meissner <meissner@...e.de>
To: OSS Security List <oss-security@...ts.openwall.com>
Subject: New pagecache based sidechannel attack published

Hi,

https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/
https://arxiv.org/abs/1901.01161

Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, Anders Fogh
have published a paper describing side channels attacks using OS pagecache statistics, allowing looking at
things like keystroke timing and others.

This affects not just Linux, but also Windows and potentially other OS.

Linux mainline patch:
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e

I have requested a Linux specific CVE.

Ciao, Marcus

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.