(lwn.net)

186 points ahlCVA | 1 comments | 19 Sep 25 15:29 UTC | HN request time: 0.406s | source

Show context

IAmLiterallyAB ◴[19 Sep 25 23:25 UTC] No.45308000[source]▶

What's preventing a compromised kernel on one core from hijacking the other cores? This doesn't seem like much of a security boundary

replies(2): >>45308133 #>>45308489 #

1. viraptor ◴[19 Sep 25 23:42 UTC] No.45308133[source]▶

>>45308000 #

Nothing prevents it if you achieve code execution. But where it helps is scenarios like syscall / memory mapping exploits where a user process can only affect resources attached to their current kernel. For example https://dirtycow.ninja/ would have a limited scope.

↑

Kernel: Introduce Multikernel Architecture Support