Kernel page-table isolation
From Wikipedia, the free encyclopedia
"KPTI" redirects here. For other uses, see KPTI (disambiguation).
Kernel page-table isolation (KPTI or PTI,[1] previously called KAISER)[2][3] is a Linux kernel feature that mitigates the Meltdown security vulnerability (affecting mainly Intel's x86 CPUs)[4] and improves kernel hardening against attempts to bypass kernel address space layout randomization (KASLR). It works by better isolating user space and kernel space memory.[5][6] KPTI was merged into Linux kernel version 4.15,[7] and backported to Linux kernels 4.14.11, 4.9.75, and 4.4.110.[8][9][10] Windows[11] and macOS[12] released similar updates. KPTI does not address the related Spectre vulnerability.[13]