Endpoint Security

Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers

Security features that major CPU vendors plan on integrating into their future products can increase the surface for certain types of attacks.

Published

GhostRace CPU attack

Academic researchers have disclosed the details of a new type of attack targeting modern CPUs, particularly future products from Intel, AMD and Arm. 

The attack has been named SLAM, which stands for ‘Spectre based on Linear Address Masking’, and it was discovered by researchers at VUSec, the systems and network security group at the VU Amsterdam university in the Netherlands. 

The researchers’ goal was to demonstrate that upcoming hardware-based security features such as Intel’s Linear Address Masking (LAM), AMD’s Upper Address Ignore (UAI) and Arm’s Top Byte Ignore (TBI), which should enable the implementation of fast security checks, can actually increase the surface for Spectre attacks. 

Spectre is one of the original transient execution CPU vulnerabilities, which can expose potentially sensitive information from memory, such as encryption keys and passwords, to side-channel attacks. 

According to the researchers, SLAM impacts some current AMD processors, as well as future Intel, AMD and Arm CPUs that will support LAM, UAI and TBI. 

The experts demonstrated their findings by developing an end-to-end Spectre exploit targeting LAM on upcoming Intel processors. 

The exploit focuses on the more recent Spectre BHI attack variant, which bypasses some of the hardware mitigations implemented in response to the original Spectre, and abuses various gadgets in the latest Linux kernel to leak the root password hash from kernel memory within minutes.

Intel, AMD and Arm have been informed about the SLAM attack. Intel, one of the sponsors of the research, said it plans to provide software guidance prior to the release of CPUs that support LAM. In addition, Linux developers created patches to disable the security feature by default until guidance becomes available. 

Advertisement. Scroll to continue reading.

Arm has published a security advisory to inform customers about the attack, but noted that existing mitigations for Spectre v2 and Spectre BHI should prevent exploitation. 

The researchers said AMD also claims existing Spectre v2 mitigations should prevent exploitation and the company has not released further guidance. 

A technical paper detailing the SLAM attack has been made public, along with code and a video showing the exploit in action. 

Related: Intel, AMD Chip Vulnerabilities Put Billions of Devices at Risk

Related: New ‘Inception’ Side-Channel Attack Targets AMD Processors

In this article:,

Related Content

Intel CPU attack

Endpoint Security

Researchers Resurrect Spectre v2 Attack Against Intel CPUs

VUSec researchers resurrect Spectre v2 attack, showing that it works against the Linux kernel on the latest-generation Intel CPUs.

April 10, 2024

Endpoint Security

ZenHammer Attack Targets DRAM on Systems With AMD CPUs

A new Rowhammer attack named ZenHammer has been demonstrated against DRAM on systems with AMD CPUs, including DDR5.

March 26, 2024

Data Protection

New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys 

Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys.

March 22, 2024

Endpoint Security

Major CPU, Software Vendors Impacted by New GhostRace Attack

CPU makers Intel, AMD, Arm and IBM, as well as software vendors, are impacted by a new speculative race condition (SRC) attack named GhostRace.

March 13, 2024

Endpoint Security

Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities

Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products.

November 15, 2023

Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version