Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction

Bitdefender senior researchers Dan Horea Luțaș and Andrei Vlad Luțaș recently uncovered a new speculative-execution vulnerability and demonstrated how it can be exploited via a side-channel style attack, dubbed SWAPGS Attack. The vulnerability has been publicly reported today as CVE-2019-1125. While side-channel attacks have been known for some time now, speculative execution-based attacks are new, …