Can a meltdown attack also violate data integrity of other processes or is it just violating data secrecy?



  • Can a meltdown attack also violate data integrity of other processes by obtaining different passwords or is it just violating data secrecy by reading data it is unauthorized to do?



  • Meltdown does not directly impact integrity, but it totally violates confidentiality. Whether or not the violation of confidentiality is sufficient to also violate integrity (e.g. read root password, become root, and load malicious kernel module) depends entirely on your system.

    In other words, Meltdown on its own is exclusively a read vulnerability, not a write vulnerability.



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2