A new vulnerability discovered in its architecture Armv8-A (Cortex-A) CPU, reported by chip maker Arm. The company asked developers to help mitigate the vulnerability. The error is a classic side-channel attack.
Η attack it is based on data processing by one CPU in advance, for reasons of speed and efficiency and in the rejection of computing sectors that are not needed. It can allow malicious agents to steal these temporary calculations and see what the CPU is working on.
According to Arm, the SLS error it discovered is a different form of it Specter. While the original Specter error affected all large chip processors, SLS only affects Arm Armv-A processors.
To the affected processors, while the computer performs its processes normally, when there is a change in the command flow control of the Arm CPU, the CPU reacts by executing instructions that are in its memory, after the change in the control flow.
However, while the description of the SLS error seems quite serious, Arm says that for now, danger such an attack is actually low.
Patches have been released by Arm
The company has been working since last year to fix this issue. Engineers have contributed code updates to various software programs and operating systems, including FreeBSD, OpenBSD, Trusted Firmware-A and OP-TEE. These code updates can prevent this error from being exploited.
However, Arm has done even more. The company has also released GCC and LLVM code updates, two of the most popular code compilers.
Unlike Specter and Meltdown, Arm says these patches are unlikely to have an adverse effect on performance. According to Arm, SLS vulnerability was discovered by security researchers involved in Google SafeSide, a project that investigates side-channel attacks caused by factors related to hardware.