|
|
|
|
|
|
by Pharaoh2
3086 days ago
|
|
|
4,5 and 6 don't need to time the attack. I am not really sure how/if zero copy may/may not solve this problem. If this bug only allows reading kernel pages, zero copy may actually help if the unprivileged user can't read your pages, but from the small amount of available description it looks like it can read any page, but kernel pages are more interesting because thats a ring lower and which is why all the focus is on that. I am fairly certain there is more protection against being able to read memory owned by process on a lower ring level so zero copy may be a bad idea for security critical data. And based on the disclosure that google published, looks like any memory can be read |
|
|