The software changes already underway will likely take care of these two exploits, but the coming hardware fixes won't, the researchers noted in the paper. The researchers said they believe the "hardware protection against them will be distinct," which means that chip makers may need to further change their designs to mitigate the threats. |
After creating their own tool to synthesize the Spectre and Meltdown flaws, the researchers were able to use their findings to conduct side-channel attacks, or attacks that take advantage of the physical hardware related to a system's security. By leveraging software dependencies, the paper said, Flush+Reload attacks can also be altered to go after any memory location, not just shared memory. What's at stake here? Well, according to the researchers, these attacks can lead to a leak of privileged kernel memory as well. By leveraging software dependencies, the paper said, Flush+Reload attacks can also be altered to go after any memory location, not just shared memory. What's at stake here? Well, according to the researchers, these attacks can lead to a leak of privileged kernel memory as well. |