Smashing the TLB for fun and profit – Daniel Fernández Kuehr & Gottfrid Svartholm

We start by detailing our discovery and analysis of a (then 0day) CPU bug affecting almost all modern Intel CPUs. From this, we delve into the largely uncharted territory of bugs and misbehavior in the virtual memory implementation – paging and TLB – of modern CPUs. While traditionally only seen as a cause of stability issues, virtualization – specifically SLAT (EPT) – now means they have a very real security impact. These are often bugs in the actual hardware of the CPU. At best, there are ways to mitigate them in software. At worst, they are simply impossible to fix without replacing the CPU.


Daniel Fernández Kuehr: Daniel is a seasoned security researcher with over 15 years of experience in the industry. He’s worked for notable companies like Immunity and Blue Frost Security. Throughout his career, he has specialized in discovering and exploiting vulnerabilities across a wide spectrum of targets. Recently, his focus has been on hypervisors, particularly on challenging targets like Hyper-V. Currently, he is pivoting his interests towards cryptocurrency, with a specific fascination for zkSNARKs.

Gottfrid Svartholm: While perhaps best known for his work in peer-to-peer technology and vulnerability discovery/exploitation in mainframe systems, Gottfrid has a long and diverse background. Currently, Gottfrid performs a wide range of development and auditing work, but his main focus is hypervisors, embedded, and safety-critical systems.

