Security News > 2024 > June > New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension to leak data with over a 95% chance of success, allowing hackers to bypass the security feature.

The paper, co-signed by a team of Korean researchers from Samsung, Seoul National University, and the Georgia Institute of Technology, demonstrates the attack against Google Chrome and the Linux kernel.

MTE is a feature added in the ARM v8.5-A architecture, designed to detect and prevent memory corruption.

The system uses low-overhead tagging, assigning 4-bit tags to 16-byte memory chunks, to protect against memory corruption attacks by ensuring that the tag in the pointer matches the accessed memory region.

The researchers demonstrated the effectiveness of TIKTAG-v2 gadgets against the Google Chrome browser, particularly the V8 JavaScript engine, opening up the path to exploiting memory corruption vulnerabilities in the renderer process.

"As Allocation Tags are not expected to be a secret to software in the address space, a speculative mechanism that reveals the correct tag value is not considered a compromise of the principles of the architecture," reads the ARM bulletin.

News URL

https://www.bleepingcomputer.com/news/security/new-arm-tiktag-attack-impacts-google-chrome-linux-systems/