A new family of speculative execution side-channel vulnerabilities has been found in Intel CPUs and researchers and vendors are split over how severe the flaws are and how easy they are to exploit.
Even the name of the vuln family is a subject of disagreement among researchers, ranging from colorful to prosaic: ZombieLoad, Fallout, RIDL (Rogue In-Flight Data Load), YAM (Yet Another Meltdown), and Intel’s name for the family of flaws, MDS (Microarchitectural Data Sampling).
Researchers from security firms Cyberus, BitDefender, Qihoo360, and Oracle, along with academic researchers from TU Graz, Vrije Universiteit Amsterdam, the University of Michigan, the University of Adelaide, KU Leuven, Worcester Polytechnic Institute, and Saarland University, discovered the flaws and came up with the related exploits.
Leave a reply
