On Wed, Jan 3, 2018 at 11:53 PM John Sellens via talk <[email protected]> wrote:
> One could assert that the days of time sharing systems are largely over, > at least on production systems that people care about. > > And I think it's fair to say that it has been good practice for quite > some time to not allow random binaries to run on systems you care about. > > I have no idea whether hypervisors (like xen or esxi) are vulnerable. > But the same guidelines can be applied to VMs running on hypervisors. > Xen and kvm are both affected. > I wonder how exploitable this problem really is? > Meltdown already has some exploits around that I am seeing. I also believe there is some poc code out there to exploit it. One of which I believe is executing JavaScript in your web browser to get kernel space data. Dhaval
--- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
