Rage Against The Machine Clear
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the latest developments in transient execution attacks and their root causes in this 40-minute conference talk from the Hack In The Box Security Conference. Delve into previously unexplored machine clear events, including Floating Point MC, Self-Modifying Code MC, Memory Ordering MC, and Memory Disambiguation MC. Discover new attack primitives like Floating Point Value Injection (FPVI) and Speculative Code Store Bypass (SCSB), and learn about an end-to-end FPVI exploit on the Mozilla SpiderMonkey JavaScript engine. Examine proposed mitigations for these attack primitives and their performance impact. Gain insights into a new root cause-based classification of known transient execution paths, presented by Ph.D. researchers Enrico Barberis and Hany Ragab from the System Security Group at Vrije Universiteit Amsterdam.
Syllabus
Intro
Side Channels 101
Bad Speculation
Rage Against The Machine Clear
Security Analysis of Machine Clear
Self-Modifying Code Machine Clear
Speculative Code Store Bypass (SCSB)
Memory Ordering Machine Clear
Floating-Point Machine Clear
3. Memory Leak
4. ASLR Bypass
Floating-Point Value Injection (FPVI)
Memory Disambiguation Machine Clear
Transient Execution Capabilities
Root-Cause Classification of Transient Execution
Disclosure & Affected CPUs
Taught by
Hack In The Box Security Conference
Related Courses
Browser Hacking With ANGLEHack In The Box Security Conference via YouTube Can A Fuzzer Match A Human
Hack In The Box Security Conference via YouTube Biometrics System Hacking in the Age of the Smart Vehicle
Hack In The Box Security Conference via YouTube ICEFALL - Revisiting A Decade Of OT Insecure-By-Design Practices
Hack In The Box Security Conference via YouTube Fuzzing the MCU of Connected Vehicles for Security and Safety
Hack In The Box Security Conference via YouTube