CVE-2024-28956: Xen Security Advisory 469 v2: x86: Indirect Target Selection https://www.openwall.com/lists/oss-security/2025/05/12/5 A bug in the hardware support for prediction-domain isolation. An attacker might be able to infer the contents of arbitrary host memory, including memory assigned to other guests.

VUSec

@vu5ec · Twitter · 2025-05-12 17:00 UTC

Spectre v2 is back again! Disclosing "Training Solo": 3 new self-training attack classes, 2 end-to-end exploits, and 2 new hardware issues that break domain isolation even when implemented perfectly. Joint work by @SanWieb @c_giuffrida: https://vusec.net/projects/training-solo