On Monday, March 29th, security researchers uncovered two vulnerabilities in Linux distributions that help to bypass protection from speculative attacks like Specter and extract sensitive information from kernel memory. Vulnerabilities CVE-2020-27170 and CVE-2020-27171 (5.5 out of 10 on the CVSS severity scale) were discovered by Symantec Threat Hunter Pyotr Krysiuk and affect all versions of… Continue reading New vulnerabilities help to bypass protection from Specter on Linux systems
Tag: Specter
Google experts published PoC exploit for Specter that is targeting browsers
Google engineers published a PoC exploit to demonstrate the effectiveness of using the Specter vulnerability in browsers to access information in memory. This PoC exploit is reported to work with a wide range of architectures, operating systems, and hardware generations. It proves in practice that the protective mechanisms that developers have added to their browsers… Continue reading Google experts published PoC exploit for Specter that is targeting browsers
Full-fledged exploits detected for Specter vulnerability
French cybersecurity specialist Julien Voisin reported that in early February 2021, someone uploaded exploits for the Specter vulnerability to VirusTotal. This is the first time that a “combat” exploit for this problem has become publicly available. As a reminder, the original Specter issue was discovered in 2018 along with the Meltdown bug. These fundamental flaws… Continue reading Full-fledged exploits detected for Specter vulnerability