Overview
Explore a 27-minute Black Hat conference talk that reveals critical vulnerabilities in ARM's Memory Tagging Extension (MTE), a hardware security feature in the ARMv8.5-A architecture. Discover how researchers from Seoul National University, Samsung Research, and Georgia Institute of Technology demonstrate new exploitation techniques that compromise MTE's memory corruption protection through speculative execution side-channel attacks. Learn about the implications of these findings for high-profile implementations like Google Chrome and the Linux kernel, where MTE-based protections can be bypassed. Understand why this promising security advancement, first deployed in Pixel 8 devices in October 2023, requires further improvements to effectively protect against sophisticated memory corruption attacks. Gain insights into the current limitations of MTE and its impact on C/C++ software security, as presented by an international team of security researchers and academics.
Syllabus
Bypassing ARM's Memory Tagging Extension with a Side-Channel Attack
Taught by
Black Hat