SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Dec 09, 2023
Cyber Threat / Hardware Security
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking ( LAM ) as well as its analogous counterparts from AMD (called Upper Address Ignore or UAI ) and Arm (called Top Byte Ignore or TBI ). "SLAM exploits unmasked gadgets to let a userland process leak arbitrary ASCII kernel data," VUSec researchers said , adding it could be leveraged to leak the root password hash within minutes from kernel memory. While LAM is presented as a security feature, the study found that it ironically degrades security and "dramatically" increases the Spectre attack surface , resulting in a transient execution attack, which exploits speculati...
