We contemplated putting together an LWN article on the “microarchitectural
data sampling” (MDS) vulnerabilities, as we’ve done for past
speculative-execution issues. But the truth of the matter is that it’s
really more of the same, and there is a lot of material out there on the
net already. So, for those who would like to learn more, here’s a list of
page from the kernel documentation contains a fairly detailed
description of the problem and this
page has mitigation information.
describes the ZombieLoad MDS attack and, in particular, contains this paper
[PDF] from Michael Schwarz et al. with the details.
- mdsattacks.com holds academic
papers on the Fallout
[PDF] (Marina Minkin et al.) and RIDL [PDF] (Stephan
van Schaik et al.) attacks.
- Jon Masters has written an
overview article complete with a three-minute video on the
vulnerabilities and their exploits. For those wanting more Masters,
there is also a
longer video that goes deeper.
- Here is Intel’s
“deep dive” into the MDS vulnerabilities.
- Cerberus Technology has put up an
overview article that discusses some of the possible attacks
enabled by the MDS vulnerabilities.
Source: LWN.net – An MDS reading list