
New ARM TIKTAG Attack Impacts Google Chrome, Linux Systems


Researchers from Seoul National University, Samsung Research, and the Georgia Institute of Technology have identified a critical vulnerability in ARM’s Memory Tagging Extension (MTE) that opens the door to memory corruption attacks. This vulnerability allows attackers to hijack control flow, execute code, elevate privileges, and leak data.

The MTE technology was introduced by ARM to mitigate memory corruption attacks by tagging memory and checking tags on access. However, the researchers discovered that speculative execution attacks can bypass MTE defenses and leak critical information by exploiting branch prediction, prefetchers, and store-to-load forwarding.

The team of researchers involved in this discovery includes Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, and Youngjoo Lee from Seoul National University, along with Taesoo Kim from Samsung Research and the Georgia Institute of Technology, and Byoungyoung Lee from Seoul National University.

The researchers developed real-world attacks against popular software such as Chrome and the Linux kernel, leaking MTE tags with a success rate of over 95% in less than 4 seconds. This research has shed light on the importance of considering speculative execution vulnerabilities when designing MTE mitigations.

The findings of the researchers have been communicated to ARM, Google, and Android to address the vulnerabilities identified. As the adoption of MTE technology grows, it becomes imperative to understand these issues for secure deployment and robust protection against memory corruption attacks.

In a technical analysis of the vulnerability, security researchers delved deeper into the attacker model targeting systems with MTE. The MTE technology utilizes random tags for memory allocations and performs tag checks on every memory access. The attacker aims to exploit memory corruption vulnerabilities and bypass MTE by learning the tag for a memory address, allowing for exploitation without crashing the process.
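To make the mechanism described above concrete, here is an added toy model of MTE tag checking (example code written for this page, not from the researchers, ARM or any real allocator): memory is coloured in 16-byte granules with 4-bit tags, a pointer carries its tag in address bits 56..59, and any access whose pointer tag differs from the granule's tag faults. It assumes a uniform draw over all 16 tag values and ignores the exclusion masks real allocators apply. It shows why a leaked tag matters to an attacker: a blind out-of-bounds write faults on 15 of 16 tag pairs, while one carrying the victim's tag lands silently.

```python
import secrets

GRANULE = 16       # MTE colours memory in 16-byte granules
TAG_BITS = 4       # 4-bit allocation tag, so 16 possible colours
TAG_SHIFT = 56     # the logical tag travels in address bits 56..59
ADDR_MASK = (1 << TAG_SHIFT) - 1

class TagFault(Exception):
    """Stands in for the tag-check fault (SIGSEGV) raised on a mismatch."""

class TaggedMemory:
    """Flat byte array plus one allocation tag per 16-byte granule (toy model)."""
    def __init__(self, size):
        self.data = bytearray(size)
        self.tags = [0] * (size // GRANULE)
        self.brk = 0

    def malloc(self, nbytes, tag=None):
        """Bump-allocate whole granules, colour them and return a tagged pointer.
        `tag` is fixed only for tests; otherwise drawn uniformly over all 16 values."""
        n = -(-nbytes // GRANULE) * GRANULE
        addr, self.brk = self.brk, self.brk + n
        tag = secrets.randbelow(1 << TAG_BITS) if tag is None else tag
        for g in range(addr // GRANULE, (addr + n) // GRANULE):
            self.tags[g] = tag
        return addr | (tag << TAG_SHIFT)

    def store(self, ptr, value):
        """Every access compares the pointer's tag with the granule's tag."""
        addr = ptr & ADDR_MASK
        if (ptr >> TAG_SHIFT) != self.tags[addr // GRANULE]:
            raise TagFault(f"tag mismatch at {ptr:#x}")
        self.data[addr] = value

def overflow_is_caught(buf_tag, victim_tag):
    """Model a one-byte heap overflow from `buf` into the adjacent `victim`.
    The stray write carries buf's tag, so MTE stops it only if the tags differ."""
    mem = TaggedMemory(64)
    buf = mem.malloc(16, buf_tag)
    mem.malloc(16, victim_tag)       # victim occupies the next granule
    try:
        mem.store(buf + 16, 0x41)    # off-by-one write past the end of buf
    except TagFault:
        return True
    return False

def blind_overflow_fault_rate():
    """Fraction of (buf, victim) tag pairs on which a blind overflow faults:
    without a leaked tag the attempt crashes the process 15 times in 16."""
    return sum(overflow_is_caught(b, v) for b in range(16) for v in range(16)) / 256
```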

The researchers presented two speculative execution gadgets that can leak MTE tags by exploiting microarchitectural behaviors influenced by tag check results, such as data prefetching, speculative execution, and store-to-load forwarding. Mitigations for these attacks involve hardware modifications to separate these behaviors from tag checks or software techniques like speculation barriers.

Real-world attacks using the TIKTAG speculative execution gadgets were demonstrated on Google Chrome and the Linux kernel. The researchers created a TIKTAG-v2 gadget in the V8 JavaScript engine for Chrome, enabling them to leak MTE tags and achieve successful exploitation of vulnerabilities with over 97% effectiveness.

In the Linux kernel, a TIKTAG-v1 gadget was used to leak tags across user and kernel boundaries, bypassing MTE protections with a 97% success rate for buffer overflow and use-after-free vulnerabilities. Mitigations for such attacks include strengthening speculative sandboxes, inserting barriers between speculations, and avoiding constructing gadgets using predictable patterns.

These attacks underscore the importance of considering speculative execution in the creation of hardware-enforced security mechanisms. Understanding these vulnerabilities and addressing them effectively is crucial for bolstering the security posture of systems utilizing MTE technology.
