What happens when you have a bug in your CPU? Today we are looking at GhostWrite, a RISC-V vulnerability affecting multiple CPU vendors, particularly related to the vector instructions. Using some PoC code, we'll crash the system, modify a process, and even read arbitrary memory! You can even try this yourself with my provided code and the right board. We'll also take a look at how the CISPA researchers discovered this vulnerability via Differential Fuzzing, a fairly new technique in the CPU space.

---
PoC Code Repo: https://github.com/LaurieWired/GhostWriteExploit

---
Follow LaurieWired on Social Media:
► https://linktr.ee/lauriewired

---
Timestamps:
00:00 Intro
00:50 Classes of Vulnerability
01:52 Differential Fuzzing
03:39 Trigger System Crash
04:55 Docker Isolation (Fail!)
05:44 Manipulating Processes
06:51 Reading Arbitrary Memory
07:58 Mitigation + Conclusion

---
Resources on GhostWrite:
Original Paper: https://ghostwriteattack.com/riscvuzz.pdf
RISC-V Vector Overview: https://www.youtube.com/watch?v=Ozj_xU0rSyY
Memory Paging Overview: https://www.youtube.com/watch?v=vc79sJ9VOqk