Hello,
The paper linked in CVE-2025-38560's analysis doesn't seem to be the correct one. At Google, we associated this to https://heracles-attack.github.io/ or https://www.usenix.org/conference/usenixsecurity25/presentation/yan-yuqin. Cohere+Reload shouln't have any kernel patch associated with it, as per AMD's bulletin.
Can folks from Oracle have a look?
Thanks!
Hello,
The paper linked in CVE-2025-38560's analysis doesn't seem to be the correct one. At Google, we associated this to https://heracles-attack.github.io/ or https://www.usenix.org/conference/usenixsecurity25/presentation/yan-yuqin. Cohere+Reload shouln't have any kernel patch associated with it, as per AMD's bulletin.
Can folks from Oracle have a look?
Thanks!