Cache poisoning refers to a computer security vulnerability where invalid entries can be placed into a cache, which are then assumed to be valid when later used.[1] Two common varieties are DNS cache poisoning[2] and ARP cache poisoning. Web cache poisoning involves the poisoning of web caches[3] (which has led to security issues in programming languages, including all Python versions at the time in 2021, and expedited security updates[4]). Attacks on other, more specific, caches also exist.[5][6][7]
^Nguyen, Hoai Viet; Iacono, Luigi Lo; Federrath, Hannes (6 November 2019). "Your Cache Has Fallen: Cache-Poisoned Denial-of-Service Attack". Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. pp. 1915–1936. doi:10.1145/3319535.3354215. ISBN9781450367479. S2CID207958900.
^Hensler, Christopher; Tague, Patrick (15 May 2019). "Using bluetooth low energy spoofing to dispute device details". Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks. pp. 340–342. doi:10.1145/3317549.3326321. ISBN9781450367264. S2CID160010874.
^Daswani, Neil; Garcia-Molina, Hector (2004). "Pong-cache poisoning in GUESS". Proceedings of the 11th ACM conference on Computer and communications security. pp. 98–109. doi:10.1145/1030083.1030099. ISBN1581139616. S2CID416914.