Table of Contents
Fetching ...

Memory DisOrder: Memory Re-orderings as a Timerless Side-channel

Sean Siddens, Sanya Srivastava, Reese Levine, Josiah Dykstra, Tyler Sorensen

TL;DR

Memory DisOrder identifies a timerless side-channel that exploits memory re-orderings under relaxed memory models to infer cross-process activity on CPUs and GPUs, including across virtualization boundaries. The authors implement a comprehensive fuzzing campaign (Listener vs Stressor) across six devices and multiple frameworks to reveal reliable signals, then demonstrate practical attacks: a high-signal-rate covert channel on an Apple M3 GPU (up to 16 bps) and DNN architecture fingerprinting across CPUs and the M3-GPU. They also show that low-level architectural details can boost re-orderings dramatically (e.g., near 30k bps on X86 with arch-aware stress), suggesting broad implications for multi-tenant systems and hardware memory subsystems. The work further discusses mitigations (fencing, signal obfuscation, online detection) and ethical disclosures, highlighting that while DisOrder presents a low-barrier attack vector, precise defenses require deeper understanding of the underlying microarchitectural causes.

Abstract

To improve efficiency, nearly all parallel processing units (CPUs and GPUs) implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are active, e.g., stressing the memory system, which likely triggers aggressive hardware optimizations. In this work, we present Memory DisOrder: a timerless side-channel that uses memory re-orderings to infer activity on other processes. We first perform a fuzzing campaign and show that many mainstream processors (X86/Arm/Apple CPUs, NVIDIA/AMD/Apple GPUs) are susceptible to cross-process signals. We then show how the vulnerability can be used to implement classic attacks, including a covert channel, achieving up to 16 bits/second with 95% accuracy on an Apple M3 GPU, and application fingerprinting, achieving reliable closed-world DNN architecture fingerprinting on several CPUs and an Apple M3 GPU. Finally, we explore how low-level system details can be exploited to increase re-orderings, showing the potential for a covert channel to achieve nearly 30K bits/second on X86 CPUs. More precise attacks can likely be developed as the vulnerability becomes better understood.

Memory DisOrder: Memory Re-orderings as a Timerless Side-channel

TL;DR

Memory DisOrder identifies a timerless side-channel that exploits memory re-orderings under relaxed memory models to infer cross-process activity on CPUs and GPUs, including across virtualization boundaries. The authors implement a comprehensive fuzzing campaign (Listener vs Stressor) across six devices and multiple frameworks to reveal reliable signals, then demonstrate practical attacks: a high-signal-rate covert channel on an Apple M3 GPU (up to 16 bps) and DNN architecture fingerprinting across CPUs and the M3-GPU. They also show that low-level architectural details can boost re-orderings dramatically (e.g., near 30k bps on X86 with arch-aware stress), suggesting broad implications for multi-tenant systems and hardware memory subsystems. The work further discusses mitigations (fencing, signal obfuscation, online detection) and ethical disclosures, highlighting that while DisOrder presents a low-barrier attack vector, precise defenses require deeper understanding of the underlying microarchitectural causes.

Abstract

To improve efficiency, nearly all parallel processing units (CPUs and GPUs) implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are active, e.g., stressing the memory system, which likely triggers aggressive hardware optimizations. In this work, we present Memory DisOrder: a timerless side-channel that uses memory re-orderings to infer activity on other processes. We first perform a fuzzing campaign and show that many mainstream processors (X86/Arm/Apple CPUs, NVIDIA/AMD/Apple GPUs) are susceptible to cross-process signals. We then show how the vulnerability can be used to implement classic attacks, including a covert channel, achieving up to 16 bits/second with 95% accuracy on an Apple M3 GPU, and application fingerprinting, achieving reliable closed-world DNN architecture fingerprinting on several CPUs and an Apple M3 GPU. Finally, we explore how low-level system details can be exploited to increase re-orderings, showing the potential for a covert channel to achieve nearly 30K bits/second on X86 CPUs. More precise attacks can likely be developed as the vulnerability becomes better understood.
Paper Structure (57 sections, 4 figures, 6 tables)

This paper contains 57 sections, 4 figures, 6 tables.

Figures (4)

  • Figure 1: The Message Passing (MP) litmus test. Thread 0 writes to x and then y. Thread 1 reads the values in the opposite order. If thread 1 observes the updated value for y before the updated value for x, then a re-ordering occurred.
  • Figure 2: Histogram of re-ordering observations by an attacker when a victim is running inference from common DNN architectures on an Apple M3 GPU.
  • Figure 3: Results of classifying DNN architectures. This graph shows the percentage of matched samples using an independent sample t-test against a training set of memory re-ordering observations with sample sizes of 30 and 100.
  • Figure 4: Memory re-orderings time series data across launching and closing Google Chrome on the M1-CPU.