pith. sign in

arxiv: 1801.01207 · v1 · pith:U2HMZRC5new · submitted 2018-01-03 · 💻 cs.CR

Meltdown

Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Stefan Mangard , Paul Kocher , Daniel Genkin
show 2 more authors
Yuval Yarom Mike Hamburg
This is my paper
classification 💻 cs.CR
keywords meltdownprocessorssecurityaddressaffectedattackcomputerevery
0
0 comments X p. Extension
pith:U2HMZRC5 Add to your LaTeX paper What is a Pith Number? 
\usepackage{pith}
\pithnumber{U2HMZRC5}

Prints a linked pith:U2HMZRC5 badge after your title and writes the identifier into PDF metadata. Compiles on arXiv with no extra files. Learn more

read the original abstract

The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. In this paper, we present Meltdown. Meltdown exploits side effects of out-of-order execution on modern processors to read arbitrary kernel-memory locations including personal data and passwords. Out-of-order execution is an indispensable performance feature and present in a wide range of modern processors. The attack works on different Intel microarchitectures since at least 2010 and potentially other processors are affected. The root cause of Meltdown is the hardware. The attack is independent of the operating system, and it does not rely on any software vulnerabilities. Meltdown breaks all security assumptions given by address space isolation as well as paravirtualized environments and, thus, every security mechanism building upon this foundation. On affected systems, Meltdown enables an adversary to read memory of other processes or virtual machines in the cloud without any permissions or privileges, affecting millions of customers and virtually every user of a personal computer. We show that the KAISER defense mechanism for KASLR has the important (but inadvertent) side effect of impeding Meltdown. We stress that KAISER must be deployed immediately to prevent large-scale exploitation of this severe information leakage.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 2 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Debug Like a Human: Scaling LLM-based Fault Localization to Processor Design via Block-Level Instruction-Oriented Slicing

    cs.SE 2026-05 unverdicted novelty 7.0

    BluesFL uses block-level instruction-oriented slicing with LLMs to localize 24 bugs at Top-1 in a 19K-line RISC-V processor, a 242.9% gain over prior SOTA of 7 bugs.

  2. DALC-CT: Dynamic Analysis of Low-Level Code Traces for Constant-Time Verification

    cs.CR 2026-04 unverdicted novelty 6.0

    DALC-CT verifies constant-time behavior in binaries by detecting variations in instruction mix distributions from low-level execution traces across multiple inputs.