[tomek@vz]

Citiraj:

The Linux kernel was just patched moments ago for a new CPU security vulnerability... VMSCAPE. VMSCAPE affects both Intel and AMD processors.

VMSCAPE is an issue around indirect branch predictor flushes. VMSCAPE is described as:

"vmscape is a vulnerability that essentially takes Spectre-v2 and attacks host userspace from a guest. It particularly affects hypervisors like QEMU.

Even if a hypervisor may not have any sensitive data like disk encryption keys, guest-userspace may be able to attack the guest-kernel using the hypervisor as a confused deputy.

There are many ways to mitigate vmscape using the existing Spectre-v2 defenses like IBRS variants or the IBPB flushes. This series focuses solely on IBPB because it works universally across vendors and all vulnerable processors. Further work doing vendor and model-specific optimizations can build on top of this if needed / wanted."

VMSCAPE affects Intel CPUs, going back at least to Skylake and up through Alder Lake and newer processors that are affected by BHI.

> Phoronix

Citiraj:

ZynorRAT Exploits Windows and Linux Systems to Gain Remote Access

> gbhackers