GhostRace: Exploiting And Mitigating Speculative Race Conditions
2024-3-13 23:32:11 Author: packetstormsecurity.com(查看原文) 阅读量:8 收藏

Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc. In this paper, the authors present GhostRace, the first security analysis of these primitives on speculatively executed code paths. Their key finding is that all the common synchronization primitives can be microarchitecturally bypassed on speculative paths, turning all architecturally race-free critical regions into Speculative Race Conditions (SRCs).


文章来源: https://packetstormsecurity.com/files/177568/ghostrace_sec24.pdf
如有侵权请联系:admin#unsafe.sh