"GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks"

A team of researchers from Germany's CISPA Helmholtz Center for Information Security discovered an architectural flaw, codenamed "GhostWrite," affecting the Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs. Attackers could exploit the bug to gain unrestricted access to vulnerable devices. The GhostWrite vulnerability is a direct CPU bug embedded in the hardware instead of a side-channel or transient execution attack. According to the researchers, this vulnerability allows unprivileged attackers to read and write any part of the computer's memory as well as control peripheral devices such as network cards. GhostWrite renders the CPU's security features ineffective, and fixing it requires disabling about half of the CPU's functionality. This article continues to discuss findings regarding the GhostWrite vulnerability.

THN reports "GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks"

Submitted by grigby1