[Cryptography] Big ugly security problem in post-2008 Intel chipsets.

Jerry Leichter leichter at lrw.com
Tue May 2 18:03:31 EDT 2017

> [,,,]
> https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ <https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/>
> Any details of what level of local access is needed for a local exploit? In particular, is this exploitable from inside a VM? That would be really bad news for AWS, Google Cloud, or Azure. 
Published details remain vague.

One could also ask what level of *network* access is required.  If simply the ability to send a packet to the machine is enough, perhaps you could break into one VM's host from a different VM - since VM's you own can send each other packets.
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170502/fa1386e5/attachment.html>

More information about the cryptography mailing list