Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Proof-of-concept exploit: Intel CPU cache poisoning (theinvisiblethings.blogspot.com)
8 points by yungchin on March 19, 2009 | hide | past | favorite | 2 comments



Bug has been reported by Intel's own employees and by researches since 2006, it seems.

Paper here: http://invisiblethingslab.com/resources/misc09/smm_cache_fun... Code here: http://invisiblethingslab.com/resources/misc09/o68-2.tgz


A quick skim of the paper reveals a relatively short and simple attack, but its implications are huge. Code running in SMM mode can literally do anything it wants, and even kernel level code will find it incredibly difficult or possibly even impossible to tell if it has been subverted by malicious SMM code.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: