Spectre/Meltdown impact on network devices
saku at ytti.fi
Mon Jan 8 11:30:44 UTC 2018
On 8 January 2018 at 12:41, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> the best solution, for the attacker, is probably to exploit a bug in
> the BGP parser (as we have seen with attribute 99, BGP parsers have
> bugs): with a buffer overflow, you may be able to run code you
> choose. Purely theoretical at this stage, I didn't try.
BGP runs as a privileged user, if you're already executing code as
BGP, why do you need Spectre or Meltdown? Just read the memory you're
interested in, or setup port mirror, or reroute traffic.
More information about the NANOG