"New SLAM Attack Steals Sensitive Data From AMD, Future Intel CPUs"

Researchers from the Systems and Network Security Group (VUSec Group) at Vrije Universiteit Amsterdam have developed "Spectre based on LAM" (SLAM), a new side-channel attack that uses hardware features designed to improve security in upcoming Intel, AMD, and Arm CPUs to obtain the root password hash from kernel memory. According to the researchers, SLAM is a transient execution attack that exploits a memory feature, which enables software to use untranslated address bits in 64-bit linear addresses for storing metadata. CPU vendors implement this in various ways and use different names for it. Intel refers to it as Linear Address Masking (LAM), AMD as Upper Address Ignore (UAI), and Arm as Top Byte Ignore (TBI). This article continues to discuss the SLAM attack.

Bleeping Computer reports "New SLAM Attack Steals Sensitive Data From AMD, Future Intel CPUs"

Submitted by grigby1