JavaScript Attack Breaks ASLR On 22 CPU Architectures (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

JavaScript Attack Breaks ASLR On 22 CPU Architectures (bleepingcomputer.com)

Posted by BeauHD on Wednesday February 15, 2017 @12:05PM from the drive-by-exploits dept.

An anonymous reader quotes a report from BleepingComputer: Five researchers from the Vrije University in the Netherlands have put together an attack that can be carried out via JavaScript code and break ASLR protection on at least 22 microprocessor architectures from vendors such as Intel, AMD, ARM, Allwinner, Nvidia, and others. The attack, christened ASLRCache, or AnC, focuses on the memory management unit (MMU), a lesser known component of many CPU architectures, which is tasked with improving performance for cache management operations. What researchers discovered was that this component shares some of its cache with untrusted applications, including browsers. This meant that researchers could send malicious JavaScript that specifically targeted this shared memory space and attempted to read its content. In layman's terms, this means an AnC attack can break ASLR and allow the attacker to read portions of the computer's memory, which he could then use to launch more complex exploits and escalate access to the entire OS. Researchers have published two papers [1, 2] detailing the AnC attack, along with two videos[1, 2] showing the attack in action.

7 of 157 comments (clear)

Min score:

Reason:

Sort:

Layman's Terms by nuckfuts · 2017-02-15 12:13 · Score: 4, Funny

In layman's terms, this means an AnC attack can break ASLR...
'cause every layman knows what ASLR is.
1. Re:Layman's Terms by DontBeAMoran · 2017-02-15 15:39 · Score: 4, Funny
  
  https://xkcd.com/221/
  http://dilbert.com/strip/2001-...
  
  --
  #DeleteFacebook
2. Re:Layman's Terms by DontBeAMoran · 2017-02-15 15:40 · Score: 4, Funny
  
  What the hell is a search engine and how many cylinders does it have?
  
  --
  #DeleteFacebook
I only hope by Anonymous Coward · 2017-02-15 12:27 · Score: 2, Funny

Somebody can tell me how I can block this attack with a HOSTS file?
crazy by Anonymous Coward · 2017-02-15 12:28 · Score: 4, Funny

who would run anything on a machine with 22 CPUs? That's just ASKING to have your ASLR broken, right?
BeauHD by PopeRatzo · 2017-02-15 12:41 · Score: 4, Funny

I thought Slashdot was supposed to be a tech site. What does Javascript attacks breaking ASLR on 22 microprocessor architectures have to do with tech?

--
You are welcome on my lawn.
Re:In lay terms you say ... by jeremyp · 2017-02-15 23:12 · Score: 4, Funny

You have got a car with Piers Morgan sitting in it. An attacker wants to head butt him in the face (trying to think of a backronym for AnC for this - I have Attacker Nuts... but I can't think of a word beginning with C that describes Piers Morgan) so, for his own protection, you choose where he sits in the car by a random process (Arsehole Seat Location Randomisation), so the chances are the attacker opens the wrong door.
Anyway, it turns out that you can tell by how the car is riding on its springs where Piers Morgan is.

--
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe