oss-sec mailing list archives
SLAM: Spectre based on Linear Address Masking
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 5 Dec 2023 12:59:57 -0800
A vulnerability in closed source CPUs which open source OSes may need to mitigate was disclosed today: https://www.vusec.net/projects/slam/ https://github.com/vusec/slam https://www.youtube.com/watch?v=y4wZ-tREaNk https://x.com/vu5ec/status/1732099516621521003 The first page lists these processors as affected: - Existing AMD CPUs vulnerable to CVE-2020-12965; - Future Intel CPUs supporting LAM (both 4- and 5-level paging); - Future AMD CPUs supporting UAI and 5-level paging; - Future Arm CPUs supporting TBI and 5-level paging. as it takes advantage of CPU features which allow masking off some bits of pointer addresses to store additional data in, such as Intel’s Linear Address Masking (LAM), AMD’s Upper Address Ignore (UAI), or ARM's Top-byte Ignore (TBI). -- -Alan Coopersmith- alan.coopersmith () oracle com Oracle Solaris Engineering - https://blogs.oracle.com/solaris
Current thread:
- SLAM: Spectre based on Linear Address Masking Alan Coopersmith (Dec 05)