Sep 9, 2018
Yes, for everyone asking, this is a real and severe vulnerability. Very well written article. It explained it in full, but here is a simple explanation.
In layman’s terms:
- Kernel memory and User memory are stored together, but separated by permissions. (It has always been this way.)
- Processors are optimized to run code ahead of time (and out of order) very often under the hood. This is called “speculative execution.”
- Speculative execution on Intel processors does not honor the permissions. (It doesn’t check permissions at all *during speculative execution*.)
That’s the vulnerability. It basically blows the whole OS wide open to attack. It means everything is accessible and exploitable. The more technical details explain *how* to do it, but that is the open door.
It’s so simple and so stupid. You do not have to be a software engineer (or a computer person) to understand this is a complete failure.
TL;DR: Intel CPUs don’t check permissions to sensitive data under the hood, even though it appears they do on the surface.
