osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Spectre/Meltdown bug affecting Python ?


My understanding of this vulnerability is that speculative indirect 
calls in Linux kernel can be used to extract/filter memory content via 
side-channels.

So, is it time to implement --enable-retpoline to CPython ? [1]

Etienne

1. 
https://www.bleepingcomputer.com/news/google/google-unveils-new-retpoline-coding-technique-for-mitigating-spectre-attacks/


Le 2018-01-06 ? 05:42, Etienne Robillard a ?crit?:
> Hi all,
>
> What do you think about the latest Spectre/Meltdown security flaw 
> found in Intel processors and Apple smartphones?
>
> Are Python 2.7 and 3.6 affected by speculative execution side-channel 
> attacks when using the Linux kernel and Intel CPUs?
>
>
> Best regards,
>
> Etienne
>

-- 
Etienne Robillard
tkadm30 at yandex.com
https://www.isotopesoftware.ca/