Vulnerability Management, Critical Infrastructure Security

Current, upcoming CPUs face SLAM side-channel attack threat

Modern CPUs, including current AMD processors, as well as upcoming offerings from Arm, AMD, and Intel with support for the Top Byte Ignore, Upper Access Ignore, and Linear Address Masking hardware-based security features are at risk of a new side-channel attack dubbed "Spectre based on a Linear Masking" or SLAM, according to SecurityWeek. Such an attack exploit, based on the Spectre BHI attack variant, could evade anti-Spectre hardware mitigations, as well as facilitate the immediate exposure of kernel memory-based root password hashes, a study from researchers at VU Amsterdam's VUSec Systems and Network Security Group. Notifications regarding the new attack technique have been sent to the semiconductor firms, with Intel poised to detail the vulnerability before launching its new processors. Both AMD and Arm noted that existing mitigations are enough to curb the exploitation of the flaw, while patches to deactivate security capabilities prior to official guidance have been released by Linux developers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.