**Hypnadogic Pup** @Fuego@awoo.space · 2018-01-02T23:45:12Z

Hypnadogic Pup @Fuego@awoo.space

@rysiek that article is so misleading and ambiguous that i literally cant even. I assume their talking about the MMU timing attack from CCC? That affects EVERY architecture tested. Table look up timing attacks are a thing

Jan 02, 2018, 23:45 · · · ·

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:10

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:10

Jan 03, 2018, 00:10

Hypnadogic Pup @Fuego@awoo.space

@rysiek I’m implying they have no idea what the consequences and probable fixes are of the bug not that they are lying. If they are referencing the MMU timing attack which much of it makes me think they are, then the misleading parts are all of it.

They way they portray it is nonsensical. They dont understand when kaslr is and is not useful....

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:10

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:10

Jan 03, 2018, 00:10

Hypnadogic Pup @Fuego@awoo.space

@rysiek The patches look like they are protecting against the mmu attack only for kaslr when it is useless anyhow and not user space aslr where it is useful.

It is NOT paging out the kernel. This attack is present in amd but not across rings.

The entire article is a fuck. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:49

**Hypnadogic Pup** @Fuego@awoo.space · Jan 03, 2018, 00:49

Jan 03, 2018, 00:49

Hypnadogic Pup @Fuego@awoo.space

@rysiek it seems like they are mistaking an attack that tells you only if a page happens to be mapped or not at a given virtual memory address with an arbitrary kernel memory peek. The attack is the former and not very severe or useful.

Awoo.space is a Mastodon instance where members can rely on a team of moderators to help resolve conflict, and limits federation with other instances using a specific access list to minimize abuse.

While mature content is allowed here, we strongly believe in being able to choose to engage with content on your own terms, so please make sure to put mature and potentially sensitive content behind the CW feature with enough description that people know what it's about.

Before signing up, please read our community guidelines. While it's a very broad swath of topics it covers, please do your best! We believe that as long as you're putting forth genuine effort to limit harm you might cause – even if you haven't read the document – you'll be okay!

Trending now

Resources

Developers

What is Mastodon?

awoo.space

More…