On Jan 6, 2018 11:55 AM, "John-Mark Gurney" <[email protected]> wrote:
Freddie Cash wrote this message on Fri, Jan 05, 2018 at 11:53 -0800: > Spectre (aka CVE-2017-5715 and CVE-2017-5753) is the issue that affects all > CPUs (Intel, AMD, ARM, IBM, Oracle, etc) and allows userland processes to > read memory assigned to other userland processes (but does NOT give access > to kernel memory). No, Spectre does not allow one userland process to read another userland process's memory.. It allows an attacker to read any memory within the same process. That's variant 1 of Spectre. Variant 2 crosses process boundaries. It's the one that has VM hosting systems worried as a process running in VM1 can read memory assigned to VM2. Cheers, Freddie _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
