If the attacker can measure the execution time of code executing in parallel with the victim on the same core, they can detect changes in the timing resulting from the two programs contending for the same execution port on the core.

Description

CWE

CVE

Attack Surfaces

Hyperthreading (MITRE EMB3D PID-11)

Attack Vectors

Code Execution (MITRE EMB3D TID-301)

Defenses

constant-time code, make execution port usage independent of secrets

disable hyperthreading, Allocate a dedicated core for the victim process

ORSHIN Attack Defense Framework

If the attacker can measure the execution time of code executing in parallel with the victim on the same core, they can detect changes in the timing resulting from the two programs contending for the same execution port on the core.

Description

CWE

CVE

Attack Surfaces

Attack Vectors

Defenses