Researchers Warn of Arm Memory Tagging Extension (MTE) Bypass, Vulnerabilities in the Google Pixel 8

Researchers from Seoul National University, working with colleagues at the Georgia Institute of Technology and Samsung Research, have warned of a vulnerability that lets attackers break the security offered by Arm's Memory Tagging Extension (MTE) — rendering its protection effectively close to zero in real-world testing.

"Arm Memory Tagging Extension (MTE) is a new hardware feature introduced in [the] ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities," the researchers explain. "The low overhead of MTE makes it an attractive solution to mitigate memory corruption attacks in modern software systems and is considered the most promising path forward for improving C/C++ software security."

Memory tagging was originally developed as a tool to be able to more easily debug modern processors, but has since been adopted as a means of protecting against memory corruption accidental or deliberate. It has the advantage of being compatible with existing software, seeming able to provide similar protection to rewriting projects in a memory-safe language such as Rust — but, sadly, that protection appears to be illusory.

"This paper identifies new TikTag gadgets capable of leaking the MTE tags from arbitrary memory addresses through speculative execution," the researchers explain of their work, which leverages the same core attack surface as infamous speculative execution vulnerabilities like Spectre. "With TikTag gadgets, attackers can bypass the probabilistic defense of MTE, increasing the attack success rate by close to 100%."

That's not a theoretical claim, either: the researchers claim to have proven the attack against the Google Chrome browser and the Linux kernel, both running on a Google Pixel 8 smartphone. "Experimental results show that TikTag gadgets can successfully leak an MTE tag with a success rate higher than 95%," the team concludes, "in less than 4 seconds."

The researchers have proposed a selection of mitigations that could reduce the attack's efficacy, including the introduction of speculation barriers in the Linux kernel, an analysis of the source code and compiled binaries to detect and prevent the construction of TikTag gadgets, and the use of speculation barriers and a speculative execution-aware sandbox in the browser.

The team's work has been published on Cornell's arXiv preprint server. Arm has been notified of the team's findings, while Google has stated that the failings of MTE on the Pixel 8 represents a confirmed hardware flaw — but also that it has no plans to patch Google Chrome against the attack, "because," the researchers relay, "the [Chrome] V8 sandbox is not intended to guarantee the confidentiality of memory data and MTE tags."