New SLAM attack steals sensitive data from AMD, future Intel CPUs

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory.
SLAM is a transient execution attack that takes advantage of a memory feature that allows software to use untranslated address bits in 64-bit linear addresses for storing metadata.
CPU vendors implement this in different ways and have distinct terms for it.
Intel calls it Linear Address Masking, AMD names it Upper Address Ignore, and Arm refers to the feature as Top Byte Ignore.
Short for Spectre based on LAM, the SLAM attack was discovered by researchers at Systems and Network Security Group at Vrije Universiteit Amsterdam, who demonstrated its validity by emulating the upcoming LAM feature from Intel on a last-generation Ubuntu system.
According to VUSec, SLAM impacts mainly future chips that meet specific criteria.
While the advanced hardware features improve memory security and management, they also introduce exploitable micro-architectural race conditions.
The attack leverages a new transient execution technique that focuses on exploiting a previously unexplored class of Spectre disclosure gadgets, specifically those involving pointer chasing.
Gadgets are instructions in software code that the attacker can manipulate to trigger speculative execution in a way that reveals sensitive information.
Although the results of speculative execution are discarded, the process leaves traces like altered cache states which attackers can observe to infer sensitive information such as data from other programs or even the operating system.
The researchers developed a scanner with which they found hundreds of exploitable gadgets on the Linux kernel.
The following video demonstrates the attack that leaks the root password hash from the kernel.
In practical scenario, an attacker would need to execute on the target system code that interacts with the unmasked gadgets and then carefully measure the side effects using sophisticated algorithms to extract sensitive information such as passwords or encryption keys from the kernel memory.
The code and data for reproducing the SLAM attack are available on VUSec's GitHub repository.
The researchers also published a technical paper explaining how the attack works.
Vendor response to SLAM. Responding to the researchers' disclosure, Arm published an advisory explaining that its systems already mitigate against Spectre v2 and Spectre-BHB and plan no further action in response to SLAM. AMD also pointed to current Spectre v2 mitigations to address the SLAM attack described by the VUSec research group and did not provide any guidance or updates that would lower the risk.
Intel announced plans for providing software guidance before releasing future processors that support LAM, such as deploying the feature with the Linear Address Space Separation security extention for preventing speculative address accesses across user/kernel mode.
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw.
New Reptar CPU flaw impacts Intel desktop and server systems.
New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs. New iLeakage attack steals emails, passwords from Apple Safari.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 07 Dec 2023 00:55:36 +0000


Cyber News related to New SLAM attack steals sensitive data from AMD, future Intel CPUs

New SLAM attack steals sensitive data from AMD, future Intel CPUs - Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. SLAM is a transient ...
10 months ago Bleepingcomputer.com
Fresh SLAM Attack Extracts Sensitive Data from AMD CPUs and Upcoming Intel Processors - Academic researchers have unveiled a novel side-channel attack named SLAM, designed to exploit hardware enhancements meant to bolster security in forthcoming CPUs from major manufacturers like Intel, AMD, and Arm. The attack aims to retrieve the root ...
10 months ago Cysecurity.news
SLAM Attack: New Vulnerability Targets Intel, AMD, Arm CPUs - In a groundbreaking revelation, researchers from Vrije Universiteit Amsterdam have uncovered a formidable side-channel attack known as SLAM, posing a serious threat to the security of current and future CPUs manufactured by tech giants Intel, AMD, ...
9 months ago Securityboulevard.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 week ago Aws.amazon.com
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
10 months ago Bleepingcomputer.com
Intel knew AVX chips were insecure and did nothing - Intel has been sued by a handful of PC buyers who claim the x86 goliath failed to act when informed five years ago about faulty chip instructions that allowed the recent Downfall vulnerability, and during that period sold billions of insecure chips. ...
10 months ago Theregister.com
Intel out-of-band patch addresses privilege escalation flaw The Register - Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips. The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel ...
10 months ago Theregister.com
12 Software Dev Predictions for Future - Predicting the future of software development trends is always a tough call. Such trends will also rule the future of the software development industry. Analyzing these future software development trends will put enthusiasts ahead of the competition. ...
9 months ago Feeds.dzone.com
Israel $3.2bn Grant For Intel's $25 Billion Chip Factory - Intel to make its largest ever single investment in Israel, with a $25 billion chip-making factory in the south of the country. Intel and the Israeli government have confirmed plans to construct a $25 billion chip-making factory in Southern Israel. ...
9 months ago Silicon.co.uk
CVE-2022-37327 - Improper input validation in BIOS firmware for Intel(R) NUC, Intel(R) NUC Performance Kit, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, Intel(R) NUC 11 Compute Element, Intel(R) NUC ...
1 year ago
Chipmaker Patch Tuesday: Intel, AMD Address New Microarchitectural Vulnerabilities - Chipmakers Intel and AMD have published 10 new security advisories this Patch Tuesday to inform customers about vulnerabilities impacting their products. Intel published eight new advisories, including two that describe high-severity vulnerabilities. ...
6 months ago Securityweek.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
1 year ago Trendmicro.com
Latest Intel CPUs impacted by new Indirector side-channel attack - Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection attack dubbed 'Indirector,' which could be used to steal sensitive information from ...
3 months ago Bleepingcomputer.com
Latest Intel CPUs impacted by new Indirector side-channel attack - Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection attack dubbed 'Indirector,' which could be used to steal sensitive information from ...
3 months ago Bleepingcomputer.com
Apple's AI Moves Will Impact Future Chip, Cloud Security Plans - The measures Apple has implemented to prevent customer data theft and misuse by artificial intelligence will have a marked impact on hardware security, especially as AI becomes more prevalent on customer devices, analysts say. Apple emphasized ...
3 months ago Darkreading.com
What the Future Holds for Data Security - Data security refers to protective measures used to prevent unauthorized access to sensitive personal and business data. Data security is not just about keeping hackers at bay. It also covers practices like data encryption, data masking, data loss ...
10 months ago Securityboulevard.com
KyberSlash attacks put quantum encryption projects at risk - Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys. CRYSTALS-Kyber is the official ...
9 months ago Bleepingcomputer.com
Renewable Energy Technology: Powering the Future - Engage in the discussion on how renewable energy technology is set to revolutionize our world and reshape the energy landscape for future generations. From rooftop solar panels to large solar farms, this renewable technology is leading us towards ...
6 months ago Securityzap.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
6 months ago Feeds.dzone.com
CVE-2019-19083 - Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in ...
4 years ago
New Microsoft Purview features use AI to help secure and govern all your data - More than 90% of organizations use multiple cloud infrastructures, platforms, and services to run their business, adding complexity to securing all data.1Microsoft Purview can help you secure and govern your entire data estate in this complex and ...
10 months ago Microsoft.com
AI and Quantum Computing Threaten Encryption and Data Security - While only theoretical at this juncture, one of the big concerns about AI, when combined with quantum computing, is that there is a possibility that what is encrypted at present could be decrypted in the future. This is enough of a security concern ...
10 months ago Securityboulevard.com
Penetration Testing for Sensitive Data Exposure in Enterprise Networks: Everything You Need to Know! - The amount of data enterprises store is much bigger than SMBs. A lot of this data includes sensitive information of customers and clients such as bank details, social security numbers, emails, contact numbers, etc. For those new to data security, ...
9 months ago Securityboulevard.com
Decoding the data dilemma: Strategies for effective data deletion in the age of AI - Businesses today have a tremendous opportunity to use data in new ways, but they must also look at what data they keep and how they use it to avoid potential legal issues. Forrester predicts a doubling of unstructured data in 2024, driven in part by ...
6 months ago Venturebeat.com
Intel Discloses Max Severity Bug in Its AI Model Compression Software - Intel has disclosed a maximum severity vulnerability in some versions of its Intel Neural Compressor software for AI model compression. The bug, designated as CVE-2024-22476, provides an unauthenticated attacker with a way to execute arbitrary code ...
4 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)