Corpus ID: 218763138

A Way Around UMIP and Descriptor-Table Exiting via TSX-based Side-Channel Attack

@article{Karvandi2020AWA,
  title={A Way Around UMIP and Descriptor-Table Exiting via TSX-based Side-Channel Attack},
  author={Mohammad Sina Karvandi and Saleh Khalaj Monfared and Mohammad Sina Kiarostami and Dara Rahmati and Saeid Gorgin},
  journal={ArXiv},
  year={2020},
  volume={abs/2005.10333}
}
  • Mohammad Sina Karvandi, Saleh Khalaj Monfared, +2 authors Saeid Gorgin
  • Published 2020
  • Computer Science
  • ArXiv
  • Nowadays, in operating systems, numerous protection mechanisms prevent or limit the user-mode applications to access the kernel's internal information. This is regularly carried out by software-based defenses such as Address Space Layout Randomization (ASLR) and Kernel ASLR (KASLR). They play pronounced roles when the security of sandboxed applications such as Web-browser are considered. Armed with arbitrary write access in the kernel memory, if these protections are bypassed, an attacker could… CONTINUE READING

    Citations

    Publications citing this paper.

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 46 REFERENCES

    Meltdown: Reading Kernel Memory from User Space

    VIEW 4 EXCERPTS
    HIGHLY INFLUENTIAL

    ZombieLoad: Cross-Privilege-Boundary Data Sampling

    VIEW 1 EXCERPT