Thursday, October 4, 2018

Speculation Attacks using the Return Stack Buffer

[UPDATE 2018-10-05]

This blog post was updated with the steps to update Debian 8

----

A new vulnerability  was discovered in the Linux Kernel. The recent Spectre attacks exploit speculative execution to allow the exfiltration of sensitive data across protection boundaries.

https://blog.bitnami.com/2018/01/spectre-and-meltdown-privileged-memory.html
https://blog.bitnami.com/2018/05/kernel-side-channel-attack.html

This is a new Spectre-class attack, also known as SpectreRSB (CVE-2018-15572), that exploits the return stack buffer (RSB), a common structure in modern CPUs used to predict return addresses. More information about this security vulnerability can be found in the official paper at https://www.usenix.org/conference/woot18/presentation/koruyeh.

Once a new, patched kernel is available from the operating system vendor, you can update it by following these instructions (depending on your distribution/operating system):


Debian 8 and 9 / Ubuntu 14.04, 16.04 and 18.04

    sudo apt-get update && sudo apt-get dist-upgrade

Oracle Linux, Red Hat, CentOS and Amazon Linux

    Not affected

OSX

   Update your system packages when the operating system suggests to.

Once you have completed the steps above, you will have the fixed version of the kernel/operating system after rebooting your server.

If you have any questions about this process, please post to our community support forum and we will be happy to help!

No comments:

Post a Comment

Please use our community forum if you have any questions community.bitnami.com