Two attacks dubbed RIDL and Fallout exploit a set of four vulnerabilities collectively known as Microarchitectural Data Sampling (MDS) vulnerabilities - a name given by Intel. The flaws affect Intel CPUs released since 2008, the researchers say.
An attacker running unprivileged code on a vulnerable machine could use MDS security flaws to extract information from the operating system kernel, processes, the Software Guard eXtensions (SGX) enclave, and CPU-internal operations.
Both RIDL and Fallout can be used in real-life scenarios where an adversary can point the victim to a webpage with malicious JavaScript to steal sensitive information on the system, like passwords and cryptographic keys.
The researchers say that only Intel CPUs are affected.
Fallout also impacts all modern Intel processors, including those of the 9th generation, which include in-silicon mitigations for Meltdown.
This protection, however, "makes them more vulnerable to Fallout, compared to older generation hardware," say the developers of the attack.
I am buying an FPGA, and rocking homebrew 8bit CPU
Speculative execution was a mistake absolutely. The performance benefits do not out weight the consequences of being wrong. Not to mention it wastes useless extra power when wrong
im asking a friend of mine who works in a hosting company how much fuck that is causing. when the last two dropped and intel fucked up their own patch rhel got a good patch going, im interested in the wild west of patches will go on in the next couple days.