tags:side_channelstatic_analysisgraphQLspectre original link: Finding Gadgets for CPU Side-Channels with Static Analysis Tools newsletter link: exploits.club Weekly Newsletter 10
Exploits Club Summary:
@pwningsystems and @fkaasan released research this week into using static analysis tools to find Spectre-V1 gadgets. The post walks through the CodeQL query they put together, as well as the two gadgets (CVE-2023-0458, CVE-2023-0459) they uncovered