Why it is significant: Researchers have discovered a side-channel attack, known as SLAM, that could exploit vulnerabilities in Intel, Arm, and AMD devices under development. So far, chipmakers claim that their systems are sufficiently protected against SLAM, but this is the first transient execution attack targeting future CPUs, so it is uncertain how well the firms’ security will hold up.
Researchers from the Vrije Universiteit Amsterdam discovered SLAM, a new side-channel attack that can be used to leak information from kernel memory, including the root password. It opens up a new set of Spectre attacks not only for some current CPUs but also for those in development from Intel, Arm, and AMD. According to the researchers, SLAM, the first transient execution attack targeting future CPUs, has proven capable of circumventing security mechanisms such as Intel’s Linear Address Masking (LAM) and AMD’s Upper Address Ignore (UAI) that chipmakers are building into their newest devices.
The goal of LAM, as well as AMD’s related UAI, is to enable applications to effectively employ untranslated bits of 64-bit linear addresses for metadata, according to VUSec researchers in a white paper. Their idea is that by enabling LAM or UAI, more efficient security measures, such as memory safety, may be implemented, and hence the security of production systems will be enhanced.
SLAM relies on certain paging levels in modern CPUs; paging is a method of managing the system’s physical memory. According to Tom’s Hardware, these CPUs disregard this attack approach and instead use the same paging mechanism, which is how SLAM, short for Spectre based on LAM, got its name.
VUSec reports that the following CPUs are affected:
Future Intel CPUs that support LAM (both 4-level and 5-level paging)
Future AMD CPUs that support UAI and 5-level paging
Future Arm CPUs that support TBI and 5-level paging
According to Tom’s Hardware, these CPUs lack strong canonicality checks in the new paging levels, so any CPU-level protection is circumvented.
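To illustrate the untranslated address bits and the canonicality checks mentioned above, the following added example (not code from VUSec or from the original article) models in C the classic canonical-address check beside a LAM-style relaxed check. The bit ranges (metadata in bits 62:57 for 57-bit addresses and 62:48 for 48-bit addresses) follow Intel's public LAM description; they, the function names, and the sample pointer are assumptions not taken from this page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Replace bits 63..va_bits with copies of bit (va_bits - 1).
 * va_bits is 48 for 4-level paging and 57 for 5-level paging. */
static uint64_t sign_extend(uint64_t addr, unsigned va_bits)
{
    uint64_t low_mask = (1ULL << va_bits) - 1;
    bool sign = (addr >> (va_bits - 1)) & 1;
    return sign ? (addr | ~low_mask) : (addr & low_mask);
}

/* Classic check: every untranslated upper bit must equal the top translated bit. */
static bool is_canonical(uint64_t addr, unsigned va_bits)
{
    return sign_extend(addr, va_bits) == addr;
}

/* LAM-style relaxed check (assumed from Intel's LAM description): bits
 * 62..va_bits carry metadata and are ignored; only bit 63 is still compared. */
static bool lam_accepts(uint64_t addr, unsigned va_bits)
{
    return ((addr >> 63) & 1) == ((addr >> (va_bits - 1)) & 1);
}

/* Address that is actually translated once the metadata bits are masked. */
static uint64_t lam_untag(uint64_t addr, unsigned va_bits)
{
    return sign_extend(addr, va_bits);
}

/* Store a metadata tag in bits 62..va_bits of a pointer value. */
static uint64_t tag_pointer(uint64_t addr, uint64_t tag, unsigned va_bits)
{
    uint64_t meta = ((1ULL << 63) - 1) & ~((1ULL << va_bits) - 1);
    return (addr & ~meta) | ((tag << va_bits) & meta);
}

int main(void)
{
    uint64_t user_ptr = 0x00007f1234567000ULL;          /* constructed sample */
    uint64_t tagged = tag_pointer(user_ptr, 0x2a, 57);  /* 6-bit tag, 5-level paging */
    printf("tagged pointer  : 0x%016llx\n", (unsigned long long)tagged);
    printf("canonical (57)  : %d\n", is_canonical(tagged, 57));
    printf("accepted by LAM : %d\n", lam_accepts(tagged, 57));
    printf("translated addr : 0x%016llx\n", (unsigned long long)lam_untag(tagged, 57));
    return 0;
}
```

The tagged pointer fails the classic check but passes the relaxed one and translates to the original address, which is the behaviour that lets non-canonical pointer values reach address translation.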
While “these techniques will typically increase the number of exploitable gadgets,” Arm systems currently mitigate against Spectre v2 and Spectre-BHB, according to a SLAM advisory. As a result, no action is necessary in response to the described attack. To mitigate the SLAM vulnerability, AMD has pointed to its current Spectre v2 mitigations, while Intel promises to provide software guidance before releasing CPUs that support LAM.