for readers missing the significance of the number 4 in the proof of concept: to demonstrate this vulnerability the researchers created a microcode update which replaces the “hardware” random number generator behind the RDRAND instruction with an implementation of xkcd#221 😭
In practical terms, can someone explain what this means? Ring 0 from outside a VM.
That would mean that if I were to have an image of an OS, as long as I have local admin while loading this on a VM, I would be able to run code as root?
Pretty sure it means the equivalent of root on baremetal (ie ring 0 in a vm is still safe).
Pretty sure on top of that anyone with that access can essentially rewrite your CPU’s brain, allowing ring 0 access even after (for example) selling the CPU.
Didn’t think anyone was gonna get back to me on this, thanks Tiddy.
If you had ring 0 on the bare metal, isn’t it safe to assume that anything that bare metal has, including installed vms is also compromised or easily compromisable?
I’m not too knowledgeable on security yet but this interested me