A new side-channel vulnerability has been discovered called PortSmash that uses a timing attack that to steal information from other processes running on the same SMT/hyper-threading enabled CPU core. Utilizing this attack, researchers were able to steal the private decryption key from an OpenSSL thread running in the same core. […]
Article Link: https://www.bleepingcomputer.com/news/security/new-portsmash-hyper-threading-cpu-vuln-can-steal-decryption-keys/