
Researchers discover flaw in Apple Silicon chips, but it's not 'that bad'


Researchers have found a microarchitectural flaw present in Apple Silicon chips that could lead to data leakage, although they said there is currently little cause for concern.

The so-called Augury flaw was found by a team of researchers led by Jose Rodrigo Sanchez Vicarte of the University of Illinois at Urbana-Champaign and Michael Flanders of the University of Washington. Vicarte, Flanders, and other members of the team recently published details of the flaw in a new paper.

According to the researchers, the flaw exists in the Data-Memory Dependent Prefetcher (DMP) in Apple Silicon chips. DMPs, which decide what memory content to prefetch, are well known in academic circles but had yet to be deployed in a commercial product.

"Classical prefetchers look only at the stream of previous addresses accessed. DMPs also consider the content of the previously prefetched memory," said David Kohlbrenner, another member of the team. "Inherently, the DMP's choice thus reveals something about the content of memory."

Apple's M1 and A14 family of chips use a prefetcher that targets an array-of-pointers access pattern. Though the exact details are complicated, this essentially means that the chips can leak data that is not read by any instruction.
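To make the distinction concrete, here is a small toy model, added for illustration and not taken from the Augury paper or from Apple's documentation. It contrasts a classical stride prefetcher, which looks only at the sequence of addresses, with an array-of-pointers DMP, which looks at the loaded word itself and follows it when it looks like a valid virtual address. The mapped address range, the stride rule, and the sample memory contents are all constructed assumptions; the model has no timing, caches or real address translation. It goes slightly beyond the article by replaying the same load stream against two memories that differ only in content, which shows directly why a DMP's prefetch choice reveals something about memory that no instruction reads.

```python
"""Toy model of a classical stride prefetcher versus a data-memory dependent
prefetcher (DMP). Constructed illustration only; it is not Apple's design and
does not model timing, caches or real address translation."""

from typing import Callable, Dict, List

# Constructed "mapped" virtual address range used to decide whether a loaded
# word looks like a valid pointer (the modelled DMP only follows such words).
MAPPED_RANGE = range(0x1000, 0x2000)


def is_valid_virtual_address(word: int) -> bool:
    """Assumed validity test: the word falls inside the mapped range."""
    return word in MAPPED_RANGE


class ClassicalStridePrefetcher:
    """Decides what to prefetch from the stream of previous addresses only."""

    def __init__(self) -> None:
        self.history: List[int] = []

    def observe(self, addr: int, word: int) -> List[int]:
        # The loaded content (`word`) is deliberately ignored.
        self.history.append(addr)
        if len(self.history) >= 2:
            stride = self.history[-1] - self.history[-2]
            if stride:
                return [addr + stride]
        return []


class ArrayOfPointersDMP:
    """Decides what to prefetch from the *content* of the loaded word: if it is
    a valid virtual address, the line it points to is prefetched, even though
    no instruction ever dereferences that pointer."""

    def observe(self, addr: int, word: int) -> List[int]:
        return [word] if is_valid_virtual_address(word) else []


def run(prefetcher, memory: Dict[int, int], accesses: List[int]) -> List[int]:
    """Replay a program's load stream and collect the addresses the
    prefetcher chooses to fetch."""
    prefetched: List[int] = []
    for addr in accesses:
        prefetched.extend(prefetcher.observe(addr, memory[addr]))
    return prefetched


def contents_affect_prefetch(make_prefetcher: Callable[[], object],
                             mem_a: Dict[int, int], mem_b: Dict[int, int],
                             accesses: List[int]) -> bool:
    """True if two memories with the same address stream but different
    contents produce different prefetch decisions, i.e. the prefetcher's
    behaviour depends on (and therefore reveals) memory content."""
    return (run(make_prefetcher(), mem_a, accesses)
            != run(make_prefetcher(), mem_b, accesses))


# Constructed sample: an array of 8-byte words at 0x1000. Two entries hold
# pointers into the mapped range; the third holds the non-pointer value 42.
MEM_A = {0x1000: 0x1800, 0x1008: 0x1900, 0x1010: 42}
# Same addresses, but the third entry now holds a pointer.
MEM_B = {0x1000: 0x1800, 0x1008: 0x1900, 0x1010: 0x1A00}
# The program only reads the array entries; it never dereferences them.
ACCESSES = [0x1000, 0x1008, 0x1010]


if __name__ == "__main__":
    for name, make in (("classical", ClassicalStridePrefetcher),
                       ("DMP", ArrayOfPointersDMP)):
        print(name, [hex(a) for a in run(make(), MEM_A, ACCESSES)],
              "content-dependent:",
              contents_affect_prefetch(make, MEM_A, MEM_B, ACCESSES))
```

The classical prefetcher produces the same prefetch set for both memories because it only sees addresses; the DMP's set changes with the third word, which is exactly the property the article warns is hard to defend against, since the words that influence the prefetcher are never read by the core itself.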

Kohlbrenner noted, however, that this is "about the weakest DMP an attacker can get."

"It only prefetches when content is a valid virtual address, and has a number of odd limitations," he wrote on Twitter. "We show this can be used to leak pointers and break ASLR. We believe there are better attacks available."

The flaw is not "that bad" at present, since it can only leak data pointers and "probably only in the sandbox threat model."

However, similar flaws centered around data at rest can be difficult to protect against. That is because the leaked data is never read by the core, speculatively or non-speculatively.
