A Simple JavaScript Can Hack Your CPU By Bypassing ASLR

A chip-level flaw discovered by security researchers could be used to attack millions of devices regardless of the operating system or application they run, and the most dangerous thing about the flaw is that it can't be fixed entirely.

The vulnerability lies in the memory management unit (MMU), a component of the CPU, and allows Address Space Layout Randomization (ASLR) protection to be bypassed. ASLR randomizes the memory locations at which programs run, making it difficult to execute malicious code in memory through a buffer overflow or other memory-corruption bug.

What is Buffer Overflow?

It is a condition in which a malicious program attempts to put more data into a buffer than it can hold. Writing outside the block of allocated memory can corrupt data, crash a program, and even lead to execution of malicious code. With that in mind, the memory flaw is easier to understand. ASLR is a protection mechanism provided by every major operating system, including Windows, Linux, Android, and Mac OS.
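To make the definition concrete, here is an added example (written for this article, not code from VUSec or from the paper) showing the classic overflow pattern next to its hardened form. The buffer size, function names and sample inputs are constructed for illustration; the point is that the safe version measures the input and refuses anything that would not fit, which is exactly the check the vulnerable version lacks.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16  /* constructed fixed-size buffer; the classic overflow target */

/* Vulnerable pattern (shown for contrast; never call it with untrusted input):
 * strcpy copies until it finds a NUL byte and never looks at how large the
 * destination is, so a name longer than NAME_LEN - 1 bytes writes past the
 * end of buf and corrupts whatever happens to sit after it in memory. */
void store_name_unchecked(char buf[NAME_LEN], const char *name) {
    strcpy(buf, name);
}

/* Hardened form: find the terminating NUL within the first NAME_LEN bytes
 * and reject the input if it is not there. Returns 0 on success and -1 on
 * rejection; buf is left untouched on rejection so callers never observe a
 * half-written value. memchr is used instead of strnlen so the code stays
 * within standard C. */
int store_name_checked(char buf[NAME_LEN], const char *name) {
    const char *nul = memchr(name, '\0', NAME_LEN); /* bounded scan only */
    if (nul == NULL) {
        return -1;                  /* no NUL within the buffer size: would overflow */
    }
    size_t n = (size_t)(nul - name);
    memcpy(buf, name, n + 1);       /* n bytes of name plus the NUL */
    return 0;
}

int main(void) {
    char buf[NAME_LEN];
    /* constructed inputs: one that fits, one that would overflow */
    const char *ok = "alice";
    const char *too_long = "this-name-is-far-too-long-for-the-buffer";

    printf("short input: %s\n", store_name_checked(buf, ok) == 0 ? buf : "rejected");
    printf("long input:  %s\n", store_name_checked(buf, too_long) == 0 ? buf : "rejected");
    return 0;
}
```

ASLR matters here because even when a bounds check like this is missing, an attacker who does not know where code and data have been placed has a much harder time turning the overflow into controlled execution; that is the protection the AnC attack strips away.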

A group of researchers known as VUSec, from Vrije University in the Netherlands, has found an attack that can bypass ASLR protection on at least 22 processors, covering almost every vendor's architecture.

An attacker can trick the user into visiting a malicious website and trigger the attack against the victim's memory to steal sensitive information stored in the victim PC's memory. The attack uses simple JavaScript to learn the base address of the memory where applications and programs are loaded.

Once the attacker has that memory address, a further piece of injected JavaScript can launch a more complex exploit and hijack the operating system and the computer.

The researchers were able to run the AnC JavaScript successfully in up-to-date versions of the Chrome and Firefox web browsers on 22 different CPU architectures in 90 seconds, and the most notable point is that these web browsers are built with ASLR protection.

The VUSec team published two research papers (1st PDF paper, 2nd PDF paper) explaining the AnC attack, along with a video demonstration of the attack in a Firefox browser on a 64-bit Linux machine.

The researchers combined the AnC JavaScript with a now-patched use-after-free vulnerability (CVE-2013-0753) in Firefox.

Issues related to the AnC attack have been assigned the following CVE identifiers:

  • CVE-2017-5925 for Intel processors
  • CVE-2017-5926 for AMD processors
  • CVE-2017-5927 for ARM processors
  • CVE-2017-5928 for a timing issue affecting multiple browsers

The VUSec team notified the affected chip and software firms, including Intel, AMD, Samsung, Nvidia, Microsoft, Apple, Google, and Mozilla, more than three months ago.

Statement — “The conclusion is that such caching behavior and strong address space randomization are mutually exclusive,” the paper concludes. “Because of the importance of the caching hierarchy for the overall system performance, all fixes are likely to be too costly to be practical.”

How to protect yourself?

The only way to protect yourself is to use script-blocking plug-ins, such as NoScript for Firefox or ScriptSafe for Chrome, and to avoid visiting untrusted websites or running untrusted JavaScript code in your web browser.
