by saagarjha 829 days ago
So the thing with speculative attacks is that you can use an invariant that is broken speculatively to leak things. In this case they use a speculative race condition to gain speculative code execution, much like you can use a normal race condition to gain real code execution. Arbitrary speculative code execution can be used to leak data which can be picked up via side channels.