New Side-Channel Attack Created - Exploiting Security Vulnerabilities In AMD, ARM, And Intel CPUs

Academic researchers unveiled SLAM, a novel side-channel attack exploiting security-enhancing hardware features in upcoming Intel, AMD, and Arm CPUs. SLAM, a transient execution attack, leverages a memory feature allowing untranslated address bits in 64-bit linear addresses for metadata storage. CPU vendors use different terms for this feature—Intel's Linear Address Masking (LAM), AMD's Upper Address Ignore (UAI), and Arm's Top Byte Ignore (TBI). Originating from Spectre and based on LAM, the SLAM attack was identified by VUSec Group researchers at Vrije Universiteit Amsterdam, who demonstrated its viability by emulating Intel's LAM on a previous-generation Ubuntu system. SLAM primarily affects forthcoming chips meeting specific criteria due to a lack of robust canonicality checks in their designs, notwithstanding the improved memory security features they introduce, such as LAM, UAI, and TBI, which concurrently introduce exploitable micro-architectural race conditions. Read more...