Meltdown (BlackHat USA 2018) was the first instance of a hardware vulnerability which broke the security guarantees of modern CPUs. Meltdown allowed attackers to leak arbitrary memory by exploiting that Intel CPUs use lazy fault handling and continue transient execution with data retrieved by faulting loads. With stronger kernel isolation, a software workaround to prevent Meltdown attacks, and new CPUs with this vulnerability fixed, Meltdown seemed to be a solved issue.

In this talk, we show that Meltdown is still an issue, on current off-the-shelf CPUs. We present ZombieLoad, a Meltdown-type attack which leaks data across multiple privilege boundaries: processes, kernel, SGX, hyperthreads, and even across virtual machines. We show that Meltdown mitigations do not affect ZombieLoad.
The ZombieLoad attack can be mounted without any user interactions from an unprivileged application, both on Linux and Windows.

To demonstrate the danger of the ZombieLoad attack, we present multiple attacks, such as monitoring the browsing behavior, stealing cryptographic keys, and leaking the root-password hash on Linux. In a live demo, we show that such attacks are not only practical but also easy to mount. We will then discuss mitigations against the ZombieLoad attack.

We outline challenges for future research on Meltdown-type attacks and mitigations. Finally, we will discuss the short-term and long-term implications for hardware vendors, software vendors, and users.

Rent a Jet Ski to zip around the bay on! Just meet at the dock next to the event venue. Includes an hour of usage and training with the sports center staff.

Check-In at the lawn in front of the MBSC