Aug 13, 03:33 AM

GhostWrite and SLUBStick Vulnerabilities in T-Head C910 and C920 RISC-V CPUs Allow Full Device Takeover

Researchers have identified a significant vulnerability, named GhostWrite, affecting T-Head's XuanTie C910 and C920 RISC-V CPUs. This flaw permits unprivileged attackers to read and write any part of a device's memory and control peripheral devices, such as network cards. The vulnerability poses a serious risk, as it enables full device takeover, allowing unauthorized access to affected systems. Additionally, another vulnerability called SLUBStick has been reported, which involves arbitrary memory writes through practical software cross-cache attacks within the Linux kernel. The implications of these vulnerabilities underscore the need for heightened cybersecurity measures in devices utilizing these CPUs.

#GhostWrite #XuanTie C910 #C920 #Linux

Written with ChatGPT (GPT-4o mini).

Sources

Infosec Alevski 💻🕵️‍♂️@Alevskey
1 year ago
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks: https://t.co/acqAhrKvfQ by The Hacker News #infosec #cybersecurity #technology #news
The Hacker News@TheHackersNews
1 year ago
Researchers have uncovered a critical vulnerability, dubbed GhostWrite, in T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain full access to affected devices. Read: https://t.co/kxwA7LZcJO #cybersecurity
Nicolas Krassas@Dinosn
1 year ago
GhostWrite: New RISC-V Vulnerability Enables Full Device Takeover https://t.co/r1aPP8ZEmW

GhostWrite and SLUBStick Vulnerabilities in T-Head C910 and C920 RISC-V CPUs Allow Full Device Takeover

Sources

Additional media

Similar Stories