Global News Embargo on major CPU security issues

There is currently a global security embargo on the latest huge global security threat which some are calling by some variation of the term “CPU” (central processing unit)

All CPU’s (Intel/AMD) are affected by the security issues as the attack vector is virtual memory. Most at risk are cloud systems where physical memory is mapped and potential exploits may affect containers. Desktop and stand alone servers may also use virtual memory and there are published exploits for pure javascript unmasking ASLR (address space layout randomization) which could be used to attack web browser memory.

The biggest reason why it is suspected that this is a hardware CPU security issue is because some patches do additional checks at boot time. Also, only a few major software providers are suddenly making large changes to memory page tables, without much public discussion on such huge architectural changes.

Hackers are speculating that a poc for a hypervisor priviledge escalation may be released early in the new year.

References: IRC, sec dark web, source code: new Rowhammer one-location plus variant, boot patches to Linux kernel, patches to Microsoft NT, redacted comments in source and educated speculation.