GhostRace: Exploiting and mitigating speculative race conditions

In this research, the authors investigate and mitigate Speculative Race Conditions (SRCs) on shared resources in operating systems, showing that synchronization primitives can be bypassed speculatively and thereby give rise to vulnerabilities such as concurrent use-after-free. They introduce GhostRace, which focuses on speculatively executed code paths and reveals that common synchronization primitives can be bypassed with a Spectre-v1 attack, leading to information leakage. They also introduce Speculative Concurrent Use-After-Free (SCUAF) information disclosure attacks in the Linux kernel and propose a generic mitigation that serializes the affected synchronization primitives. The authors disclosed the issue to major hardware vendors and to the Linux kernel, receiving varied responses; mitigation efforts are underway. They also note that SCUAF attacks affect systems beyond x86 and Linux.
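To make the mitigation described above concrete, here is an added illustration (not code from the GhostRace paper or the Linux kernel) of a minimal conditional lock primitive in two forms: the unserialized pattern, where a caller branching on the acquisition result can have the critical section run transiently under a mispredicted branch, and a serialized form that places a speculation barrier right after the acquisition decision. The use of `lfence` as the serializing instruction on x86, and the compiler-only fallback on other architectures, are assumptions made for this example.

```c
#include <stdatomic.h>

/* Speculation barrier: on x86 an lfence keeps younger instructions from
 * executing until everything before it has completed, so the lock outcome is
 * known before the guarded code can run. The non-x86 fallback is only a
 * compiler barrier (an assumption of this illustration, not a real fix). */
static inline void speculation_barrier(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

typedef struct { atomic_int locked; } simple_lock;

/* Unserialized trylock: the caller branches on the return value, and the CPU
 * may speculatively follow the "acquired" path before the compare-exchange
 * result is resolved, transiently entering the critical section unprotected. */
static inline int trylock_unserialized(simple_lock *l)
{
    int expected = 0;
    return atomic_compare_exchange_strong(&l->locked, &expected, 1);
}

/* Serialized trylock: the barrier sits between the acquisition decision and
 * the caller's branch, so no dependent instruction can execute speculatively
 * before the lock state is settled. */
static inline int trylock_serialized(simple_lock *l)
{
    int expected = 0;
    int ok = atomic_compare_exchange_strong(&l->locked, &expected, 1);
    speculation_barrier();
    return ok;
}

static inline void unlock(simple_lock *l)
{
    atomic_store(&l->locked, 0);
}

/* Critical section guarded by the serialized primitive: returns -1 when the
 * lock is busy, otherwise the value read while holding the lock. */
static int read_guarded(simple_lock *l, const int *shared)
{
    if (!trylock_serialized(l))
        return -1;
    int v = *shared;
    unlock(l);
    return v;
}
```

The architectural behaviour of both variants is identical; the difference is only in what may execute transiently, which is exactly what a functional test cannot observe and why the barrier placement must be reviewed rather than tested.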

https://www.vusec.net/projects/ghostrace/
