Arm CPUs impacted by rare side-channel attack


Chipmaker Arm has issued guidance to software developers this week detailing mitigations against a new vulnerability discovered in its Armv8-A (Cortex-A) CPU architecture.

Codenamed SLS (standing for Straight-Line Speculation), this bug is a classic side-channel speculative execution attack.

Speculative execution refers to the concept of CPUs processing data in advance for speed and performance reasons and then discarding the computational branches they don’t need. Side-channel attacks in speculative execution allow malicious threat actors to leak (steal) these temporary computations and see what the CPU might be working on.

The Spectre and Meltdown bugs were the first speculative execution side-channel attacks that were ever disclosed, when they become public, in early January 2018.

SLS, another form of the Spectre bug

In a document [PDF] published on Monday, Arm says SLS is another form of the original Spectre vulnerability. While the original Spectre bug impacted CPUs from all major chipmakers, SLS impacts Arm Armv-A processors only.

On impacted processors, Arm says that while computing operations in advance part of the speculative execution process, when there’s a change in the Arm CPU’s instruction control flow, the CPU reacts by executing instructions found linearly in its memory, past the change in the control flow — an unwanted scenario.

However, while the SLS bug’s description looks pretty bad, Arm says that at present, the security risk from an SLS attack is actually low.

“This would be difficult to exploit in practice, and a practical exploit has yet to be demonstrated,” the chipmaker wrote in an SLS FAQ page. However, Arm says that the possibility of a successful practical attack “cannot be dismissed.”

Arm has supplied patches to various FOSS projects

In the meantime, the company has been working since last year to fix this issue. Is engineers have contributed patches to various software projects and operating systems, including FreeBSD, OpenBSD, Trusted Firmware-A, and OP-TEE. These patches should block exploit attempts at the firmware/OS level.

However, Arm has done more. The company has also contributed patches to GCC and LLVM, two of today’s most popular code compilers. The patches are meant to prevent developers from compiling code that may be vulnerable to this attack and limit its spread in real-world code.

Unlike Spectre and Meltdown, Arm says these patches aren’t likely to cause any unwanted performance impact.

Arm said the SLS vulnerability was discovered by security researchers participating in Google SafeSide, a project exploring side-channel attacks caused by hardware-related factors.

SLS is also known as CVE-2020-13844 identifier, a code used for tracking security bugs.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

For a Hedge Against Inflation - Click the Rocket!

E-Crypto News Executive Interviews

Blockchain/Cryptocurrency Questions and Answers

What Are Crypto Index Funds?
What Are Crypto Index Funds?
January 19, 2023
Can You Make Money Anymore With Crypto in 2023?
January 13, 2023
What Is Stagflation And How Does It Affect The Crypto Markets?
What Is Stagflation And How Does It Affect The Crypto Markets?
January 12, 2023
passive crypto
How To Minimize Risks When Investing in Crypto
December 28, 2022
Be Aware of the Crypto Market 7 Latest Trends
December 19, 2022

Automated trading with HaasBot Crypto Trading Bots

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin22,705 1.05 % 2.31 % 7.70 %
Ethereum1,566.1 1.49 % 3.37 % 1.01 %
Tether0.9996 0.01 % 0.11 % 0.08 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
BNB283.64 0.09 % 0.32 % 2.79 %
XRP0.4687 0.46 % 4.02 % 4.38 %
Binance USD1.000 0.15 % 0.14 % 0.18 %
Cardano0.3715 1.27 % 2.48 % 9.43 %
Dogecoin0.08490 1.31 % 2.21 % 3.89 %
Polygon1.079 1.68 % 7.82 % 13.39 %

Bitcoin (BTC) $ 22,905.14
Ethereum (ETH) $ 1,585.09
Tether (USDT) $ 1.00
USD Coin (USDC) $ 1.00
BNB (BNB) $ 302.36
XRP (XRP) $ 0.406323
Binance USD (BUSD) $ 1.00
Cardano (ADA) $ 0.375411
Dogecoin (DOGE) $ 0.085744
Polygon (MATIC) $ 1.08