by _wmd 3252 days ago
tl;dr of the slides:

    Found on one processor... instruction
    Single malformed instruction in ring 3 locks
    Tested on 2 Windows kernels, 3 Linux kernels
    Kernel debugging, serial I/O, interrupt analysis seem to confirm
    Unfortunately, not finished with responsible disclosure
    No details available [yet] on chip, vendor, or instructions
He's found a new f00f bug, winter 2017 is going to be interesting :)

For those not aware: https://en.wikipedia.org/wiki/Pentium_F00F_bug

Can these kinds of bugs possibly be exploited to cause anything more than minor annoyance?

If it works inside a VM, an attacker could potentially cause a widespread denial of service on cloud computing platforms like Azure and AWS.
Use them to exploit the system itself - not likely (unless they cause some specific bad behaviour rather than a crash). But you can definitely use a DoS issue for other effects. For example, if someone is using an auth revocation system which fails open, you could kill that part to use expired credentials. Or if you're able to sometimes inject data, you can keep killing the caching systems until your response is the saved one (like in a DNS hijack).
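The fail-open revocation scenario from the comment above, as an added example that is not part of the thread: a token validator that consults a revocation backend, shown once failing open and once failing closed when that backend is unavailable. The token type, the in-memory backend and all function names are assumptions made for the illustration.

```python
"""Fail-open vs fail-closed revocation checks (constructed example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    subject: str
    expires_at: float  # unix seconds


class RevocationServiceDown(Exception):
    """The revocation backend could not be reached (e.g. it was crashed)."""


def is_revoked(token: Token, backend_up: bool, revoked: set) -> bool:
    """Hypothetical revocation lookup; raises when the backend is down."""
    if not backend_up:
        raise RevocationServiceDown("revocation backend unreachable")
    return token.subject in revoked


def _not_expired(token: Token, now: float) -> bool:
    return token.expires_at > now


def validate_fail_open(token: Token, backend_up: bool, revoked: set, now: float) -> bool:
    """Accepts the token whenever the revocation check cannot be completed."""
    if not _not_expired(token, now):
        return False
    try:
        return not is_revoked(token, backend_up, revoked)
    except RevocationServiceDown:
        return True  # a DoS on the backend makes every revoked token valid again


def validate_fail_closed(token: Token, backend_up: bool, revoked: set, now: float) -> bool:
    """Denies the token whenever the revocation check cannot be completed."""
    if not _not_expired(token, now):
        return False
    try:
        return not is_revoked(token, backend_up, revoked)
    except RevocationServiceDown:
        return False  # availability loss degrades to denial, not to bypass


# Constructed sample: one revoked subject, one clean subject, clock at t=1000.
NOW = 1000.0
REVOKED = {"alice"}
ALICE = Token("alice", NOW + 3600)
BOB = Token("bob", NOW + 3600)
```

With the backend up both validators agree; with it down, only the fail-open variant lets the revoked token through, which is the behaviour the comment describes an attacker provoking.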
Observation: the length of the censored "XXX hardware bug" text on the slides matches neither Intel, AMD nor Transmeta. Unlikely to be VIA too.

Either it's deception or perhaps some obscure low-end embedded vendor.

edit: for the curious, it's "(redacted) hardware bugs" :)

You mean the black bar on the PDF? That just says "(redacted)".
Or they were smart enough to change the size of the box so that it can't be used to easily identify the vendor (from among a very small set of candidates).
"Obscure" enough to run Windows though
Possibly something weird like Vortex86?
If I was a betting man I would say ARM.
Isn't this fuzzing tool x86-only?