#TransientExecution

MITRE Rolls Out 4 Brand-New CWEs for Microprocessor Security Bugs

February 29, 2024 by Xynik

February 29, 2024 at 02:28PM The MITRE-led CWE program added four new microprocessor-related weaknesses, including exposure of sensitive information during transient execution and data leaks tied to microarchitectural structures and incorrect data forwarding. These vulnerabilities help processors address major issues like Meltdown and Spectre and contribute to a common language for discussing microprocessor weaknesses in … Read more

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

December 9, 2023 by Xynik

December 9, 2023 at 07:12AM Researchers from Vrije Universiteit Amsterdam disclosed a new side-channel attack called SLAM, exploiting a feature in Intel, AMD, and Arm CPUs. The exploit, an end-to-end Spectre-based attack, allows leakage of sensitive data from kernel memory. Intel, AMD, and Arm are working on mitigations, while existing and future CPUs are affected. … Read more

New SLAM attack steals sensitive data from AMD, future Intel CPUs

December 6, 2023 by Xynik

December 6, 2023 at 07:57PM Researchers at VUSec discovered “SLAM,” a side-channel attack exploiting memory features in future CPUs from Intel, AMD, and Arm, to leak sensitive information like root password hashes. Despite the intended security improvements, these features inadvertently enable SLAM by not checking address canonicality, creating micro-architectural race conditions. Existing defenses are deemed … Read more