Bug 1087110 - (CVE-2018-9056) VUL-0: CVE-2018-9056: BranchScope: A New Side-Channel Attack on Directional Branch Predictor
(CVE-2018-9056)
VUL-0: CVE-2018-9056: BranchScope: A New Side-Channel Attack on Directional B...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
CVSSv3:SUSE:CVE-2018-9056:5.9:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-27 14:23 UTC by Marcus Meissner
Modified: 2020-06-29 06:33 UTC (History)
11 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
asplos18.pdf (2.70 MB, application/pdf)
2018-03-27 14:25 UTC, Marcus Meissner
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-03-27 14:23:53 UTC
http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf

Abstract
We present
BranchScope
— a new side-channel attack where
the attacker infers the direction of an arbitrary conditional
branch instruction in a victim program by manipulating the
shared directional branch predictor. The directional compo-
nent of the branch predictor stores the prediction on a given
branch (taken or not-taken) and is a different component
from the branch target buffer (BTB) attacked by previous
work.

(rest is in the PDF)
Comment 1 Marcus Meissner 2018-03-27 14:25:18 UTC
Created attachment 765116 [details]
asplos18.pdf

asplos18.pdf paper attached
Comment 3 Marcus Meissner 2018-03-27 19:42:52 UTC
CVE-2018-9056