(Collaborative post by Mateusz “j00ru” Jurczyk and Gynvael Coldwind) It was six weeks ago when we first introduced our effort to locate and eliminate the so-called double fetch (e.g. time-of-check-to-time-of-use during user-land memory access) vulnerabilities in operating system kernels through CPU-level operating system instrumentation, a project code-named “Bochspwn” as a reference to the x86 emulator used (bochs: The Open [...]
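To make the bug class concrete, here is an added example (not code from the original post or from the Bochspwn project) that models the double fetch pattern in a small host program. A kernel-side handler reads a user-controlled length header, checks it, and then copies that many bytes; the vulnerable variant fetches the header from user memory twice (once for the check, once for the use), while the hardened variant fetches it once into a kernel-side local and uses only that copy. The "user memory", the `fetch_from_user` helper, and the racing-writer hook that fires after every fetch are all constructed stand-ins for a concurrent user-mode thread, so the race is deterministic and the program runs offline.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KBUF_LIMIT 16          /* maximum the handler is allowed to copy */
#define USER_DATA_SIZE 64      /* size of the constructed user buffer model */

typedef struct {
    uint32_t len;                   /* user-controlled length header */
    uint8_t  data[USER_DATA_SIZE];  /* user-controlled payload */
} user_request_t;

/* Constructed model of user-mode memory, plus an optional "racing writer"
 * that runs after every fetch to stand in for a concurrent user thread. */
static user_request_t g_user_mem;
static void (*g_race_hook)(user_request_t *) = NULL;

/* Hypothetical stand-in for a copy_from_user-style primitive. */
static void fetch_from_user(void *dst, const void *src, size_t n) {
    memcpy(dst, src, n);
    if (g_race_hook) g_race_hook(&g_user_mem);
}

/* Vulnerable handler: the length is fetched once for the bounds check and
 * again for the actual use. A writer that changes it between the two fetches
 * gets a length past the check that was never validated.
 * Returns the number of bytes copied into kbuf, or -1 if rejected. */
static int handler_double_fetch(const user_request_t *ureq, uint8_t *kbuf) {
    uint32_t len_checked, len_used;
    fetch_from_user(&len_checked, &ureq->len, sizeof len_checked); /* fetch #1 */
    if (len_checked > KBUF_LIMIT) return -1;
    fetch_from_user(&len_used, &ureq->len, sizeof len_used);       /* fetch #2 */
    /* Demo-only clamp so this host program never writes past its own buffer;
     * a real kernel buffer sized to KBUF_LIMIT would be overrun here. */
    if (len_used > USER_DATA_SIZE) len_used = USER_DATA_SIZE;
    fetch_from_user(kbuf, ureq->data, len_used);
    return (int)len_used;
}

/* Hardened handler: a single fetch into a kernel-side local; every later
 * decision and use refers to that local copy, so a racing writer changes
 * nothing the kernel relies on. */
static int handler_single_fetch(const user_request_t *ureq, uint8_t *kbuf) {
    uint32_t len;
    fetch_from_user(&len, &ureq->len, sizeof len);                 /* one fetch */
    if (len > KBUF_LIMIT) return -1;
    fetch_from_user(kbuf, ureq->data, len);
    return (int)len;
}

/* Constructed racing writer: bumps the header to a value the check refuses. */
static void racing_writer(user_request_t *u) { u->len = 40; }

/* Runs one scenario and returns the byte count the chosen handler copied. */
int run_scenario(int use_double_fetch, int with_race) {
    uint8_t kbuf[USER_DATA_SIZE];   /* oversized so the demo stays in bounds */
    memset(&g_user_mem, 0, sizeof g_user_mem);
    g_user_mem.len = 8;             /* honest initial request, within limit */
    memset(g_user_mem.data, 0x41, sizeof g_user_mem.data);
    g_race_hook = with_race ? racing_writer : NULL;
    return use_double_fetch ? handler_double_fetch(&g_user_mem, kbuf)
                            : handler_single_fetch(&g_user_mem, kbuf);
}

int main(void) {
    printf("double fetch, no race:  %d bytes\n", run_scenario(1, 0));
    printf("double fetch, race:     %d bytes (limit %d)\n", run_scenario(1, 1), KBUF_LIMIT);
    printf("single fetch, no race:  %d bytes\n", run_scenario(0, 0));
    printf("single fetch, race:     %d bytes\n", run_scenario(0, 1));
    return 0;
}
```

The point the comparison makes is the one a reviewer checks for: any value read from user memory must be copied into kernel memory exactly once and every subsequent check and use must refer to that copy, never to the user address again. The instrumentation approach the post describes looks for the opposite, that is, the same user-land address being read more than once within one kernel entry.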

http://j00ru.vexillium.org/?p=1880