1780586 – (CVE-2019-0162, Spoiler) CVE-2019-0162 hw: dram: spoiler attack

Bug 1780586 (CVE-2019-0162, Spoiler) - CVE-2019-0162 hw: dram: spoiler attack

Summary: CVE-2019-0162 hw: dram: spoiler attack

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2019-0162, Spoiler
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1674338
TreeView+	depends on / blocked

Reported:	2019-12-06 13:25 UTC by Petr Matousek
Modified:	2021-02-16 20:56 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2019-12-06 13:26:25 UTC
Embargoed:

Attachments	(Terms of Use)

Description Petr Matousek 2019-12-06 13:25:52 UTC

The SPOILER vulnerability is a micro-architectural leakage which allows an attacker to determine virtual-to-physical page mappings in unprivileged user space processes. It leverages data dependency of speculative load and store operations in the Memory Order Buffer and uses rdtscp and mfence instructions to measure the timing discrepancies that reveal memory layout. This allows to detect ranges of contiguous physical memory pages which makes RowHammer much more effective and easier, just seconds of an attack instead of weeks.

Comment 1 Petr Matousek 2019-12-06 13:25:56 UTC

Statement:

Red Hat Product Security is aware of this issue. For additional information, please refer to the Red Hat Knowledgebase article:  https://access.redhat.com/articles/1377393

Note You need to log in before you can comment on or make changes to this bug.