Tuesday, January 26, 03:24
Home security Side-channel attack can be performed on Arm CPUs

Side-channel attack can be performed on Arm CPUs

A new vulnerability discovered in its architecture Armv8-A (Cortex-A) CPU, reported by chip maker Arm. The company asked developers to help mitigate the vulnerability. The error is a classic side-channel attack.

Arm

Η attack it is based on data processing by one CPU in advance, for reasons of speed and efficiency and in the rejection of computing sectors that are not needed. It can allow malicious agents to steal these temporary calculations and see what the CPU is working on.

According to Arm, the SLS error it discovered is a different form of it Specter. While the original Specter error affected all large chip processors, SLS only affects Arm Armv-A processors.

To the affected processors, while the computer performs its processes normally, when there is a change in the command flow control of the Arm CPU, the CPU reacts by executing instructions that are in its memory, after the change in the control flow.

However, while the description of the SLS error seems quite serious, Arm says that for now, danger such an attack is actually low.

Patches have been released by Arm

The company has been working since last year to fix this issue. Engineers have contributed code updates to various software programs and operating systems, including FreeBSD, OpenBSD, Trusted Firmware-A and OP-TEE. These code updates can prevent this error from being exploited.

However, Arm has done even more. The company has also released GCC and LLVM code updates, two of the most popular code compilers.

Unlike Specter and Meltdown, Arm says these patches are unlikely to have an adverse effect on performance. According to Arm, SLS vulnerability was discovered by security researchers involved in Google SafeSide, a project that investigates side-channel attacks caused by factors related to hardware.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

00:02:40

COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...
00:02:17

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...