[GTALUG] python sweetness — The mysterious case of the Linux Page Table

Dhaval Giani dhaval.giani at gmail.com
Thu Jan 4 00:10:38 EST 2018

On Wed, Jan 3, 2018 at 11:53 PM John Sellens via talk <talk at gtalug.org>

> One could assert that the days of time sharing systems are largely over,
> at least on production systems that people care about.
> And I think it's fair to say that it has been good practice for quite
> some time to not allow random binaries to run on systems you care about.
> I have no idea whether hypervisors (like xen or esxi) are vulnerable.
> But the same guidelines can be applied to VMs running on hypervisors.

Xen and kvm are both affected.

> I wonder how exploitable this problem really is?

Meltdown already has some exploits around that I am seeing. I also believe
there is some poc code out there to exploit it. One of which I believe is
executing JavaScript in your web browser to get kernel space data.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20180104/45bdaab3/attachment.html>

More information about the talk mailing list