
CrossTalk/SRBDS shows possibility of leaking information across CPU cores - 1_player
https://www.vusec.net/projects/crosstalk/
======
Sohcahtoa82
Is this exploitable via JavaScript in a web browser? My guess is no.

Basically trying to determine if home users should be worried about this at
all.

~~~
avianes
This particular vulnerabilities use x86 specific instructions such as CPUID
(which provides information about the CPU version) to extract the content of a
shared buffer which contains sensitive data in some cases. This instruction
(CPUID) is not accessible through JS within a web browser so there is probably
no exploit from a web page.

But this attack is feasible from any native application (without privileges)
on the machine.

