www.rivitmedia.comwww.rivitmedia.comwww.rivitmedia.com
  • Home
  • Tech News
    Tech NewsShow More
    Malicious Go Modules Unleash Disk-Wiping Chaos in Linux Supply Chain Attack
    4 Min Read
    Agentic AI: Transforming Cybersecurity in 2025
    3 Min Read
    Cybersecurity CEO Accused of Planting Malware in Hospital Systems: A Breach of Trust That Shocks the Industry
    6 Min Read
    Cloud Convenience, Criminal Opportunity: How Google Sites Became a Launchpad for Elite Phishing
    6 Min Read
    Targeted Exploits Highlight Need for Vigilance Among High-Risk Apple Users
    4 Min Read
  • Cyber Threats
    • Malware
    • Ransomware
    • Trojans
    • Adware
    • Browser Hijackers
    • Mac Malware
    • Android Threats
    • iPhone Threats
    • Potentially Unwanted Programs (PUPs)
    • Online Scams
  • How-To-Guides
  • Product Reviews
    • Hardware
    • Software
  • IT/Cybersecurity Best Practices
  • FREE SCAN
  • Cybersecurity for Business
Search
  • ABOUT US
  • TERMS AND SERVICES
  • SITEMAP
  • CONTACT US
© 2023 rivitMedia.com. All Rights Reserved.
Reading: ‘SLAM’: A Disruptive Side-Channel Attack Targeting CPUs
Share
Notification Show More
Font ResizerAa
www.rivitmedia.comwww.rivitmedia.com
Font ResizerAa
  • Online Scams
  • Tech News
  • Cyber Threats
  • Mac Malware
  • Cybersecurity for Business
  • FREE SCAN
Search
  • Home
  • Tech News
  • Cyber Threats
    • Malware
    • Ransomware
    • Trojans
    • Adware
    • Browser Hijackers
    • Mac Malware
    • Android Threats
    • iPhone Threats
    • Potentially Unwanted Programs (PUPs)
    • Online Scams
  • How-To-Guides
  • Product Reviews
    • Hardware
    • Software
  • IT/Cybersecurity Best Practices
    • Cybersecurity for Business
  • FREE SCAN
  • Sitemap
Follow US
  • ABOUT US
  • TERMS AND SERVICES
  • SITEMAP
  • CONTACT US
© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.
www.rivitmedia.com > Blog > Cyber Threats > Malware > ‘SLAM’: A Disruptive Side-Channel Attack Targeting CPUs
Malware

‘SLAM’: A Disruptive Side-Channel Attack Targeting CPUs

riviTMedia Research
Last updated: December 12, 2023 5:53 pm
riviTMedia Research
Share
malware
'SLAM': A Disruptive Side-Channel Attack Targeting CPUs
SHARE

In the realm of technology and security, a new adversary has emerged, threatening the very core of modern CPUs. Dubbed ‘SLAM’ – an abbreviation for Spectre based on LAM (Linear Address Masking) – this sophisticated side-channel attack, discovered by academic researchers at Vrije Universiteit Amsterdam, poses a significant threat to contemporary and future CPU designs.

Contents
The Intricacies of SLAMImpact on CPU SecurityPotential Risks and Security BreachesResponse from CPU Vendors and IndustryDisclosure, Demonstration, and CountermeasuresBest Practices and Future Precautions

The Intricacies of SLAM

SLAM, derived from the Spectre BHI attack variant, exploits a memory feature in CPUs intended to enhance memory management and security. It leverages metadata storage using untranslated address bits in 64-bit linear addresses. This novel attack methodology can potentially expose sensitive data held within memory by executing transient execution attacks through metadata storage.

Impact on CPU Security

This newly discovered side-channel attack poses a dual threat. Firstly, it affects existing AMD processors, enabling malicious actors to exploit side-channel vulnerabilities to steal sensitive information. Secondly, the implications extend to future CPU designs integrating features like Linear Address Masking (LAM), Upper Address Ignore (UAI), and Top Byte Ignore (TBI) – intended to bolster memory security. Paradoxically, these security elements have introduced exploitable micro-architectural race conditions, creating fertile ground for SLAM attacks.

Potential Risks and Security Breaches

SLAM’s potency is evident in its ability to breach security barriers and extract critical information. Studies indicate that this attack can swiftly extract the root password hash from a system’s kernel memory. Leveraging the CPU’s memory feature utilizing untranslated address bits, SLAM presents a formidable threat, leaving security protocols susceptible and exposing sensitive data.

Response from CPU Vendors and Industry

Major CPU industry players, including Intel, AMD, and Arm, have demonstrated awareness and proactive measures in addressing the SLAM threat. Intel plans to introduce Linear Address Space Separation (LASS) alongside Linear Address Masking (LAM) to prevent speculative address accesses across user/kernel mode, mitigating potential SLAM attack points. Conversely, AMD is confident in their existing Spectre v2 mitigations and asserts their efficacy against SLAM threats.

Linux developers, aligning with industry initiatives, are implementing patches to disable the LAM security feature by default until more robust guidance from CPU manufacturers is available. Arm adopts an open dialogue strategy, issuing advisories to educate customers about managing SLAM attack implications.

Disclosure, Demonstration, and Countermeasures

In the pursuit of transparency, the researchers behind SLAM have released a technical paper outlining the attack’s mechanics and impact. Additionally, they’ve shared code and a video demonstration of the exploit, showcasing the extraction of sensitive kernel data. The technical paper delves into how SLAM targets unmasked gadgets in software to leak ASCII kernel data. Researchers have also developed a scanner to identify exploitable gadgets in the Linux kernel.

Best Practices and Future Precautions

Preventing SLAM and similar side-channel attacks necessitates proactive measures:

  1. Software Updates: Ensure systems are updated with CPU microcode updates and security patches.
  2. Vendor Guidance: Follow guidance provided by CPU vendors regarding mitigations and security measures.
  3. Monitor Security Advisories: Stay informed about security advisories and updates from CPU manufacturers and software developers.
  4. Prudent Code Review: Conduct meticulous code reviews and employ best coding practices to minimize potential vulnerabilities.

In a landscape fraught with evolving threats like SLAM, a collaborative effort between researchers, vendors, and users is vital to fortify digital defenses and safeguard sensitive data against the insidious nature of side-channel attacks.

You Might Also Like

Seidr Trojan Horse Malware: A Deep Dive into Trojan Stealer Threats
DavidHasselhoff Ransomware: A Comprehensive Guide
EnigmaWave Ransomware: Removal Guide and Prevention Tips
VEHU Files Virus: Unraveling the Threat
How to Remove ELDER (Beast) Ransomware
TAGGED:Malware

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Copy Link Print
Share
Previous Article StartnSearch: Navigating the Hazards of Browser Hijackers
Next Article 23andMe Data Breach: Ensuring Personal Data Security
Leave a Comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Scan Your System for Free

✅ Free Scan Available 

✅ 13M Scans/Month

✅ Instant Detection

Download SpyHunter

//

Check in Daily for the best technology and Cybersecurity based content on the internet.

Quick Link

  • ABOUT US
  • TERMS AND SERVICES
  • SITEMAP
  • CONTACT US

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

www.rivitmedia.comwww.rivitmedia.com
© 2023 • rivitmedia.com All Rights Reserved.
  • ABOUT US
  • TERMS AND SERVICES
  • SITEMAP
  • CONTACT US