ARM CPUs vulnerable to Straight-Line Speculation attack

Posted on Wednesday, Jun 10 2020 @ 13:11 CEST by Thomas De Maesschalck
ARM logo
ARM issued a warning that chips based on its ARMv8-A (Cortex-A) architecture are vulnerable to Straight-Line Speculation (CVE-2020-13844), a new side-channel speculative execution attack. It's basically another form of the original Spectre vulnerability but the actual security risk looks pretty low. Full details at ZD Net.
However, while the SLS bug's description looks pretty bad, Arm says that at present, the security risk from an SLS attack is actually low.

"This would be difficult to exploit in practice, and a practical exploit has yet to be demonstrated," the chipmaker wrote in an SLS FAQ page. However, Arm says that the possibility of a successful practical attack "cannot be dismissed."
The bug was discovered last year. Since the time of its discovery, ARM has been working to supply patches to various software projects and operating systems, including FreeBSD, OpenBSD, Trusted Firmware-A, and OP-TEE. Furthermore, ARM also provided patches to GCC and LLVM, two of the most popular code compilers, to prevent developers from compiling potentially vulnerable code. ARM believes the patches are unlikely to have a performance impact.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments