Arm CPUs impacted by rare side-channel attack

Arm

Chipmaker Arm has issued guidance to software developers this week detailing mitigations against a new vulnerability discovered in its Armv8-A (Cortex-A) CPU architecture.

Codenamed SLS (standing for Straight-Line Speculation), this bug is a classic side-channel speculative execution attack.

Speculative execution refers to the concept of CPUs processing data in advance for speed and performance reasons and then discarding the computational branches they don’t need. Side-channel attacks in speculative execution allow malicious threat actors to leak (steal) these temporary computations and see what the CPU might be working on.

The Spectre and Meltdown bugs were the first speculative execution side-channel attacks that were ever disclosed, when they become public, in early January 2018.

SLS, another form of the Spectre bug

In a document [PDF] published on Monday, Arm says SLS is another form of the original Spectre vulnerability. While the original Spectre bug impacted CPUs from all major chipmakers, SLS impacts Arm Armv-A processors only.

On impacted processors, Arm says that while computing operations in advance part of the speculative execution process, when there’s a change in the Arm CPU’s instruction control flow, the CPU reacts by executing instructions found linearly in its memory, past the change in the control flow — an unwanted scenario.

However, while the SLS bug’s description looks pretty bad, Arm says that at present, the security risk from an SLS attack is actually low.

“This would be difficult to exploit in practice, and a practical exploit has yet to be demonstrated,” the chipmaker wrote in an SLS FAQ page. However, Arm says that the possibility of a successful practical attack “cannot be dismissed.”

Arm has supplied patches to various FOSS projects

In the meantime, the company has been working since last year to fix this issue. Is engineers have contributed patches to various software projects and operating systems, including FreeBSD, OpenBSD, Trusted Firmware-A, and OP-TEE. These patches should block exploit attempts at the firmware/OS level.

However, Arm has done more. The company has also contributed patches to GCC and LLVM, two of today’s most popular code compilers. The patches are meant to prevent developers from compiling code that may be vulnerable to this attack and limit its spread in real-world code.

Unlike Spectre and Meltdown, Arm says these patches aren’t likely to cause any unwanted performance impact.

Arm said the SLS vulnerability was discovered by security researchers participating in Google SafeSide, a project exploring side-channel attacks caused by hardware-related factors.

SLS is also known as CVE-2020-13844 identifier, a code used for tracking security bugs.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Millions in Cryptocurrency Stolen by Scammers in the Last Month According to Tenable Research
November 24, 2021
Behind The Scenes: How this Crypto Community Responded to + $50m Hack
October 18, 2021
Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021

Blockchain/Cryptocurrency Questions and Answers

Crypto casinos
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
Cryptocurrency
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
Ethereum
The Unconventional Guide to Ethereum
October 28, 2021
ICo Presale
The Science Behind ICO Presales…
October 14, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin53,639 0.20 % 5.56 % 8.93 %
Ethereum4,222.7 0.17 % 7.10 % 6.49 %
Binance Coin594.56 0.26 % 4.56 % 6.83 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Solana211.78 1.54 % 10.03 % 0.95 %
Cardano1.560 0.81 % 9.25 % 7.02 %
XRP0.9249 0.20 % 5.42 % 11.28 %
USD Coin1.000 0.14 % 0.20 % 0.17 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
Dogecoin0.2215 0.68 % 1.42 % 7.23 %

bitcoin
Bitcoin (BTC) $ 53,597.00
ethereum
Ethereum (ETH) $ 4,238.73
binance-coin
Binance Coin (BNB) $ 595.06
tether
Tether (USDT) $ 1.00
solana
Solana (SOL) $ 214.83
cardano
Cardano (ADA) $ 1.57
xrp
XRP (XRP) $ 0.92692
usd-coin
USD Coin (USDC) $ 0.998026
polkadot
Polkadot (DOT) $ 33.85
dogecoin
Dogecoin (DOGE) $ 0.200841