Researchers have release a new proof-of-concept attack targeting a new Intel Speculative-type bug called CacheOut present in most Intel CPUs.
Researchers have identified a new speculative execution type attack, dubbed CacheOut, that could allow attackers to trigger data leaks from most Intel CPUs. The more serious of the two bugs, revealed Monday, is rated medium severity by Intel, who said fixes for both flaws are on the way.
The more serious of the two CacheOut bugs, tracked as CVE-2020-0549, is a CPU vulnerability that allows an attacker to target data stored within the OS kernel, co-resident virtual machines and even within Intel’s Software Guard Extensions (SGX) enclave, a trusted execution environment on Intel processors.
“In this work we present CacheOut, a new microarchitectural attack that is capable of bypassing Intel’s buffer overwrite countermeasures,” wrote researcher Stephan van Schaik of the University of Michigan and colleagues in a research report made public.
For More Details :
https://threatpost.com/new-cacheout-attack-targets-intel-cpus/152323/
