CVE-2018-3639 PoC — AMD、ARM和Intel CPUs 信息泄露漏洞

Source

https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-

Associated Vulnerability

Title:AMD、ARM和Intel CPUs 信息泄露漏洞 (CVE-2018-3639)
Description:Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.

Description

spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux

Readme

# CVE-2018-3639-specter-v4
**spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux**

- **build:** gcc spectre-v4.cpp -o spectre

- **run:** ./spectre


- **result:**

  --------attack--------

  low than threshold:155

  low than threshold:144

  low than threshold:133

  low than threshold:0

  low than threshold:1

  --------attack--------

  low than threshold:133

  low than threshold:0

  low than threshold:1

  --------attack--------

  low than threshold:0

  low than threshold:1


- 
  **Question:**

  every time I want use the same victim function to get other secret data, it will be failed.

  I guess it is because the two  instruction will be marked dependent load and store, so it won't speculate the load instruction.

File Snapshot


 [4.0K]  /data/pocs/a1d8957024711581456e42e0f54b872cebdd3562
├── [ 766]  README.md
└── [2.0K]  spectre_v4.cpp

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!