Hi everyone,
Today we published 2 security advisories addressing 3 CVEs. In support of INTEL-SA-00598, we also published a technical paper entitled “Branch History Injection and Intra-mode Branch Target Injection: Overview and Mitigation Recommendations“. It is important to note that the primary mitigation recommendation described was already the default for most Linux distributions. Intel worked with the Linux community to add the ability to disable unprivileged eBPF to the upstream Linux kernel starting with version 5.16. It has also been backported to earlier versions.
To help get a better understanding of the issues addressed in INTEL-SA-00598, in the Chips & Salsa video below, CRob and I talk to Intel subject matter experts Jason Brandt, who is an Intel CPU Architect, and Alyssa Milburn, who is an offensive security researcher on the Intel STORM team:
For the complete list of today’s advisories, please visit our security center.
Regards,
Jerry Bryant
Sr. Director
Intel Product Assurance and Security
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.