The Thunderclap vulnerabilities
The Thunderclap vulnerabilities
Posted Mar 13, 2019 15:21 UTC (Wed) by nybble41 (subscriber, #55106)In reply to: The Thunderclap vulnerabilities by rweikusat2
Parent article: The Thunderclap vulnerabilities
The page cache would need to be separate for each *device*, not each driver. A device snooping on itself may be harmless, but the same is not necessarily true for snooping on other devices managed by the same driver. Besides the fact that one driver might manage multiple brands and models of devices, some more trustworthy than others, one can also envision e.g. a system with two identical NICs surreptitiously snooping on each other and transmitting internal network data over the external network.
Posted Mar 13, 2019 19:17 UTC (Wed)
by rweikusat2 (subscriber, #117920)
[Link]
A driver capable of managing more than one device would obviously need one cache per currently managed device. Do you think somebody wouldn't immediately recognize this if such a driver was under discussion?
The Thunderclap vulnerabilities
> The page cache would need to be separate for each *device*, not each driver.