
Linux vs. Zombieload




More attack vectors have been discovered in Intel CPUs. Linux kernel devs frantically develop patches:




Reading between the lines, except for people running stand-alone Linux desktops, Canonical recommended you make the patches and disable hyper-threading.


This also means Linux-based containers and VMs are also open to attack. To protect yourself, you'll need to patch the following Linux files: Kernel, kernel-rt, libvirt, qemu-kvm, qemu-kvm-rhev, and microcode_ctl on all your systems. In particular, there's a known attack vector for CVE-2018-12130, which enables a malicious VM or container to spy on other containers or VMs. In other words, you must patch all your running containers and VMs on a server -- or one bad apple can reveal the data in the patched ones.



Unlike the earlier Meltdown and Spectre problems, Intel was given time to ready itself for this problem. Intel has released microcode patches. These help clear the processor's buffers, thus preventing data from being read.

To defend yourself, your processor must be updated, your operating system must be patched, and for the most protection, Hyper-Threading disabled. When Meltdown and Spectre showed up, the Linux developers were left in the dark and scrambled to patch Linux. This time, they've been kept in the loop.



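The post says what has to be updated (microcode, kernel, and ideally Hyper-Threading off) but not how to confirm it took. The kernel reports its own MDS verdict under /sys/devices/system/cpu/vulnerabilities/mds and the SMT state under /sys/devices/system/cpu/smt/control; the script below, an added example that is not part of the original post, reads both and maps the kernel's wording onto the advice above. The SYSROOT prefix is a hypothetical override so the same checks can be run against a copied /sys and /proc tree.

```shell
#!/bin/sh
# Added example, not from the original post: read the kernel's own MDS
# (Zombieload) mitigation verdict and SMT state from sysfs. SYSROOT is a
# hypothetical prefix so the checks can run against a copied tree.

cpu_dir() { printf '%s/sys/devices/system/cpu' "${SYSROOT:-}"; }

# Kernel verdict for MDS, e.g. "Mitigation: Clear CPU buffers; SMT disabled",
# or "unknown" on kernels that predate the reporting interface.
mds_status() {
    f="$(cpu_dir)/vulnerabilities/mds"
    if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# SMT (Hyper-Threading) control state: on, off, forceoff, notsupported, or unknown.
smt_state() {
    f="$(cpu_dir)/smt/control"
    if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# Loaded microcode revision from /proc/cpuinfo (empty if not reported).
microcode_revision() {
    awk -F': ' '/^microcode/ { print $2; exit }' "${SYSROOT:-}/proc/cpuinfo" 2>/dev/null || true
}

# Map the kernel's MDS string onto the post's advice:
#   ok           mitigated with SMT disabled or mitigated (the "most protection" case)
#   smt-exposed  buffers are cleared, but the kernel still flags SMT as vulnerable
#   vulnerable   no working mitigation: kernel and/or microcode update still missing
#   unknown      nothing to go on (e.g. "SMT Host state unknown" inside a guest)
mds_verdict() {
    case "$(mds_status)" in
        "Not affected")                                          echo ok ;;
        Mitigation*"SMT vulnerable"*)                            echo smt-exposed ;;
        Mitigation*"SMT disabled"*|Mitigation*"SMT mitigated"*)  echo ok ;;
        Mitigation*)                                             echo unknown ;;
        Vulnerable*)                                             echo vulnerable ;;
        *)                                                       echo unknown ;;
    esac
}

main() {
    printf 'MDS status:    %s\n' "$(mds_status)"
    printf 'SMT control:   %s\n' "$(smt_state)"
    rev=$(microcode_revision)
    printf 'Microcode rev: %s\n' "${rev:-unknown}"
    printf 'Verdict:       %s\n' "$(mds_verdict)"
}

main
```

A verdict of smt-exposed on a patched host is exactly the case the Canonical advice is about: the kernel mitigation is in place but Hyper-Threading is still on.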
