Security News > 2024 > March > GhostRace – New Data Leak Vulnerability Affects Modern CPUs
2024-03-15 17:46
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. "All the common synchronization primitives implemented
News URL
https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html
Related news
- Hardware-level Apple Silicon vulnerability can leak cryptographic keys (source)
- New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys (source)
- New GoFetch Vulnerability in Apple’s M Chips Allows Secret Keys Leak on Compromised Computers (source)
- Shopping platform PandaBuy data leak impacts 1.3 million users (source)
- Week in review: 73M customers affected by AT&T data leak, errors led to US govt inboxes compromise (source)
- Home Depot confirms worker data leak after miscreant dumps info online (source)
- Cerebral to pay $7 million settlement in Facebook pixel data leak case (source)
- UnitedHealth confirms it paid ransomware gang to stop data leak (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-15 | CVE-2024-2193 | A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. | 0.0 |
| 2018-01-04 | CVE-2017-5753 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 4.7 |