-
"ZombieLoad": a new set of speculative-execution attacks
The curtain has finally been lifted on the latest set of speculative-execution vulnerabilities. This one has the delightful name of ZombieLoad; it is also known as "microarchitetural data sampling", but what's the fun in that? Various x86 processors stash data into hidden buffers that can, in some cases, be revealed via speculative execution. Exploits appear to be relatively hard. See this page from the kernel documentation for a fairly detailed description of the problem, and this page for mitigation information.