Slashdot Mirror


Intel Cache Poisoning Is Dangerously Easy On Linux

Julie188 writes "A researcher recently released proof-of-concept code for an exploit that allows a hacker to overrun an Intel CPU cache and plant a rootkit. A second, independent researcher has examined the exploit and noted that it is so simple and so stealthy that it is likely out in the wild now, unbeknownst to its victims. The attack works best on a Linux system with an Intel DQ35 motherboard with 2GB of memory. It turns out that Linux allows the root user to access MTR registers incredibly easily. With Windows this exploit can be used, but requires much more work and skill and so while the Linux exploit code is readily available now, no Windows exploit code has, so far, been released or seen. This attack is hardware specific, but unfortunately, it is specific to Intel's popular DQ35 motherboards."

3 of 393 comments

  1. Re:The point? by LanMan04 · Score: 0, Redundant

    The significance of SMM buried rootkits is that you can remove and shred the hard drive of your compromised machine, replace it with a new one, do a fresh install, and still be compromised.

    ^^^^^^^^^^^
    Quoted from some smart guy.

    --
    With the first link, the chain is forged.
  2. Let me get this straigh... by Hurricane78 · Score: 0, Redundant

    ...it is a danger, that someone on an Intel system, who has root access to a box, can plant a rootkit??

    Unpossible! The sky falls down, and earth explodes! I can't believe it!

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
  3. A root to root exploit?! by billcopc · Score: 1, Redundant

    Why the hell would anyone go through the trouble of pulling a motherboard-specific cache exploit, if the program is already running with root privs?

    How about "cp hax0red-vmlinz /boot" and have a nice day...

    --
    -Billco, Fnarg.com