For processors on a wide range of Armv8-A (Cortex-A) architectures its own unique vulnerability to side-channel attacks using speculative computational algorithms. This was reported by ARM itself and provided patches and manuals to mitigate the found vulnerability. The danger is not so great, but it cannot be neglected, because ARM-based processors are everywhere, which makes the risk of leaks unimaginable in terms of consequences.
The vulnerability found by Google in ARM architectures was codenamed Straight-Line Speculation (SLS) and officially designated CVE-2020-13844. According to ARM, the SLS vulnerability is a form of the Specter vulnerability, which (along with the Meltdown vulnerability) became widely known in January 2018. In other words, this is a classic vulnerability in speculative computing mechanisms with a side channel attack.
Speculative computing requires processing data in advance along several possible branches, although these may later be discarded as unnecessary. Side-channel attacks allow such intermediate data to be stolen before it is completely destroyed. As a result, we have productive processors and the risk of data leakage.
The Straight-Line Speculation attack on ARM processors forces the processor to execute instructions found directly in memory after a change in the instruction stream, instead of following the instructions in the new instruction stream. Obviously, this is not the best scenario for choosing instructions for execution, which an attacker can use.
To ARM's credit, not only has it released a developer guide to help avoid the risk of a leak through a Straight-Line Speculation attack, but it has also provided patches for major operating systems such as FreeBSD, OpenBSD, Trusted Firmware-A and OP-TEE and released patches for the GCC and LLVM compilers.
The company also said that the application of patches will not affect the performance of ARM platforms, as happened on x86-compatible Intel platforms with blocking Specter and Meltdown vulnerabilities. However, we will be able to learn about this from third-party sources, which will give an objective picture of the new vulnerability.
Source: 3dnews.ru