Description
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96452
Exploit, Technical Description, Third Party Advisory x_refsource_misc
http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://www.vusec.net/projects/anc
Scores
CVSS v3
7.5
EPSS
0.0038
EPSS Percentile
59.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (20)
allwinner/a64
amd/athlon_ii_640_x4
amd/e-350
amd/fx-8120_8-core
amd/fx-8320_8-core
amd/fx-8350_8-core
amd/phenom_9550_4-core
intel/atom_c2750
intel/celeron_n2840
intel/core_i5_m480
... and 10 more
Published
Feb 27, 2017
Tracked Since
Feb 18, 2026