(lwn.net)

186 points ahlCVA | 3 comments | 19 Sep 25 15:29 UTC | HN request time: 0s | source

1. IAmLiterallyAB ◴[19 Sep 25 23:25 UTC] No.45308000[source]▶

What's preventing a compromised kernel on one core from hijacking the other cores? This doesn't seem like much of a security boundary

replies(2): >>45308133 #>>45308489 #

2. viraptor ◴[19 Sep 25 23:42 UTC] No.45308133[source]▶

>>45308000 (TP) #

Nothing prevents it if you achieve code execution. But where it helps is scenarios like syscall / memory mapping exploits where a user process can only affect resources attached to their current kernel. For example https://dirtycow.ninja/ would have a limited scope.

3. ◴[20 Sep 25 00:28 UTC] No.45308489[source]▶

>>45308000 (TP) #

↑

Kernel: Introduce Multikernel Architecture Support