what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

Files from Yuval Yarom

Email addressyval at cs.adelaide.edu.au
First Active2013-07-26
Last Active2018-03-14
FreeBSD Security Advisory - FreeBSD-SA-18:03.speculative_execution
Posted Mar 14, 2018
Authored by Jann Horn, Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin | Site security.freebsd.org

FreeBSD Security Advisory - A number of issues relating to speculative execution were found last year and publicly announced January 3rd. Two of these, known as Meltdown and Spectre V2, are addressed here.

tags | advisory
systems | freebsd, bsd
advisories | CVE-2017-5715, CVE-2017-5754
MD5 | a26c0e3e31cfe9f94c14cc22c3de9089
Meltdown - Bypassing Intel's Hardware Barrier
Posted Jan 4, 2018
Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Whitepaper called Meltdown. It discusses how you can bypass Intel's hardware barrier between applications and the computer's core memory.

tags | paper
MD5 | 7e062aa9d394c19c6c994fa36a6196e6
Spectre Attacks: Exploiting Speculative Execution
Posted Jan 4, 2018
Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Whitepaper called Spectre Attacks: Exploiting Speculative Execution. It discusses how to trick error-free applications into giving up secret information.

tags | paper
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 6967810094670a0978da20db86fbfadc
Spectre Information Disclosure Proof Of Concept
Posted Jan 4, 2018
Authored by Yuval Yarom, Michael Schwarz, Mike Hamburg, Moritz Lipp, Paul Kocher, Werner Haas, Thomas Prescher, Stefan Mangard, Daniel Gruss, Daniel Genkin

Spectre information disclosure proof of concept exploit that affects multiple CPUs.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2017-5715, CVE-2017-5753
MD5 | 98f87055672b6c38186854b5370f5469
Flush + Reload: A High Resolution, Low Noise, L3 Cache Side-Channel Attack
Posted Jul 26, 2013
Authored by Yuval Yarom, Katrina Falkner

Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper the authors demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attack targets the last level L3 cache. Consequently, the spy program and the victim do not need to share the execution core of the CPU. The attack is not limited to a traditional OS and can be used in a virtualised environment, where it can attack programs executing in a different VM.

tags | paper
MD5 | ad27212856fc1757a511a4724c7cc8a4
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close