TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution
Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, Byoungyoung Lee

TL;DR
This paper uncovers vulnerabilities in ARM's Memory Tagging Extension (MTE) caused by speculative execution, demonstrating how attackers can leak memory tags and bypass security measures, and proposes defenses against these attacks.
Contribution
It identifies TikTag gadgets that exploit speculative execution to leak MTE tags, revealing a significant security risk and proposing new mitigation strategies.
Findings
TikTag gadgets can leak MTE tags with over 95% success rate
TikTag can bypass MTE protections in Chrome and the Linux kernel
Attack success rate approaches 100% within 4 seconds
Abstract
ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE makes it an attractive solution to mitigate memory corruption attacks in modern software systems and is considered the most promising path forward for improving C/C++ software security. This paper explores the potential security risks posed by speculative execution attacks against MTE. Specifically, this paper identifies new TikTag gadgets capable of leaking the MTE tags from arbitrary memory addresses through speculative execution. With TikTag gadgets, attackers can bypass the probabilistic defense of MTE, increasing the attack success rate by close to 100%. We demonstrate that TikTag gadgets can be used to bypass MTE-based mitigations in real-world systems, Google Chrome and the Linux kernel. Experimental results…
Taxonomy
Topics: Parallel Computing and Optimization Techniques · Cloud Computing and Resource Management · Security and Verification in Computing
