Covert-channel attacks in differential privacy exploit secondary channels (unintended data leaks) to extract private information. These attacks manipulate the timing or state of the query processing system to infer private data beyond the intended privacy-preserving outputs. For example, an adversary could monitor the time it takes to process queries or observe the use of shared resources to extract sensitive information, despite the application of differential privacy measures.