Code injection

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems...

UBUNTU-CVE-2022-4543

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems...

CVE-2022-4543

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems...

PT-2022-6067

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation KPTI. This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timi...

Prefetch-Hash-Cracker - A Small Util To Brute-Force Prefetch Hashes

Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While its content may not be recoverable, the filename itself is often enough to find the full path of the executable for which the prefetch file was created. Using the tool The followi...

CVE-2021-26318

A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information...

Information disclosure

A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information...

UBUNTU-CVE-2021-26318

A timing and power-based side channel attack leveraging the x86 PREFETCH instructions on some AMD CPUs could potentially result in leaked kernel address space information...

CVE-2021-26318

CVE-2021-26318 corresponds to a timing and power-based side-channel issue on some AMD CPUs that could potentially leak kernel address space information via the x86 PREFETCH instruction. Affected software/hardware: all AMD CPUs (per AMD: Side-channels Related to the x86 PREFETCH Instruction). Root...

Advanced Micro Devices Cpu 信息泄露漏洞

The Advanced Micro Devices Cpu Amd Cpu is an excellent central processor for Amd from Advanced Micro Devices, USA . The Advanced Micro Devices Cpu has a security vulnerability that can be exploited by an attacker to cause kernel address space information disclosure on some AMD cpus utilizing the...

AMD x86 PREFETCH instruction related side-channels - Lenovo Support US

No description provided...

Side-channels Related to the x86 PREFETCH Instruction

Bulletin ID: AMD-SB-1017 Potential Impact: Leaked kernel address space information Severity: Medium Summary Researchers from Graz University of Technology with CISPA Helmholtz Center for Information Security have demonstrated timing and power-based side channel attacks leveraging the x86 PREFETCH...

Browsertunnel - Surreptitiously Exfiltrate Data From The Browser Over DNS

Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce the perceived latency of websites by doing DNS lookups in the background for specified domains. DNS traffic does not appear in the browser'...

How to Scale Addressable Advertising with Low Latency for Live Streaming

Written by: David Springfall, Founder and CTO of Yospace Under David's technical and strategic leadership, Yospace pioneered server-side ad insertion and established itself as the global leader in OTT stream monetisation. The Yospace technology supports full one-to-one personalisation and provide...

Go Live! Addressable, Ad-Supported, Live Video At Scale

Live streaming poses a unique set of challenges and online audiences can only be monetized to the extent that they remain engaged. From an advertising perspective, the viewing experience between your live content and the ads needs to not only be seamless, but also highly targeted in order to...

Linux io-prefetch SQL Injection Vulnerability in Multiple Qualcomm Products

Qualcomm MSM8909W and others are central processing unit CPU products for different platforms from Qualcomm, Inc.Linux io-prefetch is one of the Linux system preloading components. A SQL injection vulnerability exists in Linux io-prefetch in multiple Qualcomm products. A remote attacker could...

CVE-2017-11088

Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845...

CVE-2017-11088

CVE-2017-11088 is an SQL injection vulnerability described as a result of improper input validation in the Linux io-prefetch component on Qualcomm/Qualcomm-derived platforms. Public entries indicate affected Qualcomm/SoC families include MSM8909W, MSM8996AU and various Snapdragon SoCs (SD 210/212...

Apple macOS - IOHIDSystem Kernel Read/Write

Sources: https://siguza.github.io/IOHIDeous/ https://github.com/Siguza/IOHIDeous/ IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here: https://siguza.github.io/IOHIDeous/ Notice The prefetch timing attack I'm using for hid for some reason doesn't work on High Sierra 10.13...

CVE-2016-9817

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service host crash via vectors involving a 1 data or 2 prefetch abort with the ESREL2.EA bit set...