Academics from multiple universities have announced fixes for two severe security flaws known as Spectre and Rowhammer.
Both these fixes are at the software level, meaning they don't require CPU or RAM vendors to alter products, and could, in theory, be applied as basic software patches.
Spectre v1 fix for Linux
The first of these new mitigation mechanisms was
announces on Thursday, last week. A research team from Dartmouth College in New Hampshire says it created a fix for Spectre Variant 1 (CVE-2017-5753), a vulnerability discovered at the start of the year affecting modern CPUs.
Their fix uses
ELFbac, an in-house-developed Linux kernel patch that brings access control policies to runtime virtual memory accesses of Linux processes, at the level of ELF binary executables.
"The solution developed at Dartmouth uses ELFbac to securely partition a program's address space," researchers said. "This approach ensures that all data and code – including user secrets – are isolated from each other."
"The ELFbac policy approach denies access to Spectre and results in processing that is generally more secure," researchers added.
In an email to Bleeping Computer, a Dartmouth College spokesperson said the team is currently working on a paper to describe the research in more depth, and a dedicated website that will feature more details will be completed over the next couple of days.
