Arm CPUs Impacted by Straight-Line Speculation (SLS) Vulnerability

AleksandarK · Jun 10, 2020

When Spectre and Meltdown were discovered, the whole industry got on its legs and started to question CPU security more seriously. There are a plethora of attacks that exploit the CPU function called branch prediction, which predicts paths of code execution so it can ready them and execute them faster. This approach is one part of the microarchitectural techniques used to add performance to the CPU design. However, nothing comes without a cost. Despite adding more performance, the branch prediction had taken a toll on the security of CPUs, making them vulnerable to side-channel attacks. Spectre and Meltdown where both discovered in 2018 and they impact millions of CPUs around the world.

Today, a new side-channel vulnerability was discovered, and on Arm CPUs. Called the Straight-Line Speculation (SLS), the speculation bug is haunting all of Arm Armv-A based processors. This represents a wide range of devices being powered by these CPUs, so Arm is taking action to prevent it. The way SLS works is that whenever there is a change in instruction flow, the CPU just starts processing instructions found linearly in memory, instead of changing the path of flow. This action is resulting in a new SLS vulnerability marked as CVE-2020-13844. The vulnerability was discovered by Google SafeSide project last year and they have reported it to Arm. In the meantime, Arm was working on a fix and they already send them upstream to important operating systems and firmware suppliers so it can be resolved. Arm says that the chances of this attack are low, however, they can not be dismissed.

View at TechPowerUp Main Site

AsRock · Jun 10, 2020

This effect AMD's PSP ?.

AleksandarK · Jun 10, 2020

AsRock said:
This effect AMD's PSP ?.

I don't know much about AMD's PSP. I don't see it being mentioned anywhere with this bug so i think it is safe. If i find anything i will report on it.

Caring1 · Jun 10, 2020

"new SLS vulnerability marked as CVE-2020"

I see that as Covid 2020
Even CPUs aren't immune.

silentbogo · Jun 10, 2020

Some sources only mention ARMv8, but apparently there are some ARMv7a cores affected as well

Speculative Processor Vulnerability

Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism.

developer.arm.com

https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation

Vayra86 · Jun 10, 2020

Caring1 said:
"new SLS vulnerability marked as CVE-2020"

I see that as Covid 2020
Even CPUs aren't immune.

I suppose that's two weeks of no internet for it!

R-T-B · Jun 11, 2020

AsRock said:
This effect AMD's PSP ?.

It's arm based but it's so locked down I don't know how you'd execute the exploit. It'd be hard as hell, but once someone figures it out: Yes, certainly. It fits the bill to be affected.

silentbogo · Jun 11, 2020

R-T-B said:
It's arm based but it's so locked down I don't know how you'd execute the exploit. It'd be hard as hell, but once someone figures it out: Yes, certainly. It fits the bill to be affected.

If PSP is still just a straightforward Cortex-A5, then it's not affected (so far).
Though, there are still exploitable holes in PSP firmware (and many undiscovered, since it's closed-source and barely documented).

R-T-B · Jun 11, 2020

silentbogo said:
If PSP is still just a straightforward Cortex-A5, then it's not affected (so far).

Thought it was an Armv7A. Might be wrong (probably am, actually).

silentbogo said:
and many undiscovered, since it's closed-source and barely documented

#ThanksQualcomm

silentbogo · Jun 11, 2020

R-T-B said:
Thought it was an Armv7A.

Cortex-A5 is ARMv7-a. But that's for older CPUs/APUs. With Zen it's probably running on magic unicorns, cause once again - no one knows/secret/proprietary/undocumented.

remixedcat · Jun 11, 2020

ARM based router SoCs anyone?

R-T-B · Jun 11, 2020

silentbogo said:
With Zen it's probably running on magic unicorns, cause once again - no one knows/secret/proprietary/undocumented.

It's based on a quqlcomm TrustZone solution from smartphoneland, which is designed to run on lowend reference arm cores.

Honestly, I'd be shocked if it wasn't.

remixedcat said:
ARM based router SoCs anyone?

Inefficient for routing, but through enough Ghz at the problen and they work. I had a marvell based one that ran around 1gbps on my line no prob, albeit at 2Ghz core clock...

remixedcat · Jun 11, 2020

I meant are they affected by this??

System Name	H7 Flow 2024
Processor	AMD 5800X3D
Motherboard	Asus X570 Tough Gaming
Cooling	Custom liquid
Memory	32 GB DDR4
Video Card(s)	Intel ARC A750
Storage	Crucial P5 Plus 2TB.
Display(s)	AOC 24" Freesync 1m.s. 75Hz
Mouse	Lenovo
Keyboard	Eweadn Mechanical
Software	W11 Pro 64 bit

System Name	WS#1337
Processor	Ryzen 7 5700X3D
Motherboard	ASUS X570-PLUS TUF Gaming
Cooling	Xigmatek Scylla 240mm AIO
Memory	4x8GB Samsung DDR4 ECC UDIMM
Video Card(s)	MSI RTX 3070 Gaming X Trio
Storage	ADATA Legend 2TB + ADATA SX8200 Pro 1TB
Display(s)	Samsung U24E590D (4K/UHD)
Case	ghetto CM Cosmos RC-1000
Audio Device(s)	ALC1220
Power Supply	SeaSonic SSR-550FX (80+ GOLD)
Mouse	Logitech G603
Keyboard	Modecom Volcano Blade (Kailh choc LP)
VR HMD	Google dreamview headset(aka fancy cardboard)
Software	Windows 11, Ubuntu 24.04 LTS

Processor	7800X3D
Motherboard	MSI MAG Mortar b650m wifi
Cooling	Thermalright Peerless Assassin
Memory	32GB Corsair Vengeance 30CL6000
Video Card(s)	ASRock RX7900XT Phantom Gaming
Storage	Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s)	Gigabyte G34QWC (3440x1440)
Case	Lian Li A3 mATX White
Audio Device(s)	Harman Kardon AVR137 + 2.1
Power Supply	EVGA Supernova G2 750W
Mouse	Steelseries Aerox 5
Keyboard	Lenovo Thinkpad Trackpoint II
Software	W11 IoT Enterprise LTSC
Benchmark Scores	Over 9000

System Name	Pioneer
Processor	Ryzen R9 9950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11 Enterprise IoT 2024

System Name	WS#1337
Processor	Ryzen 7 5700X3D
Motherboard	ASUS X570-PLUS TUF Gaming
Cooling	Xigmatek Scylla 240mm AIO
Memory	4x8GB Samsung DDR4 ECC UDIMM
Video Card(s)	MSI RTX 3070 Gaming X Trio
Storage	ADATA Legend 2TB + ADATA SX8200 Pro 1TB
Display(s)	Samsung U24E590D (4K/UHD)
Case	ghetto CM Cosmos RC-1000
Audio Device(s)	ALC1220
Power Supply	SeaSonic SSR-550FX (80+ GOLD)
Mouse	Logitech G603
Keyboard	Modecom Volcano Blade (Kailh choc LP)
VR HMD	Google dreamview headset(aka fancy cardboard)
Software	Windows 11, Ubuntu 24.04 LTS

Arm CPUs Impacted by Straight-Line Speculation (SLS) Vulnerability

AleksandarK

News Editor

AsRock

TPU addict

AleksandarK

News Editor

Caring1

silentbogo

Moderator

Speculative Processor Vulnerability

Vayra86

R-T-B

silentbogo

Moderator

R-T-B

silentbogo

Moderator

remixedcat

R-T-B

remixedcat

System Name	RemixedBeast-NX
Processor	Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard	Dell Inc. 08HPGT (CPU 1)
Cooling	Dell Standard
Memory	24GB ECC
Video Card(s)	Gigabyte Nvidia RTX2060 6GB
Storage	2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s)	Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case	Dell Precision T3600 Chassis
Audio Device(s)	Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply	630w Dell T3600 PSU
Mouse	Logitech G700s/G502
Keyboard	Logitech K740
Software	Linux Mint 20
Benchmark Scores	Network: APs: Cisco Meraki MR32, Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P