What could possibly go wrong with <insert x86 instruction here>?

Side effects include side-channel attacks and bypassing kernel ASLR

Clémentine Maurice and Moritz Lipp

Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputting a result. However, the internal state of the hardware leaks information about the programs that are executing. In this talk, we focus on how to extract information from the execution of simple x86 instructions that do not require any privileges. Beyond classical cache-based side-channel attacks, we demonstrate how to perform cache attacks without a single memory access, as well as how to bypass kernel ASLR. This talk does not require any knowledge about assembly. We promise.



These files contain multiple languages.

This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them.

Please look for "audio tracks" in your desktop video player.