Why it matters: Hardware-based security flaws like Spectre have been a serious issue for Intel and AMD since their discovery in 2018. Now one has emerged for Apple’s latest custom processors. Although not as severe as Spectre, it confirms that Apple silicon is not immune to vulnerabilities.
Researchers recently published a paper detailing a vulnerability they call Augury that affects Apple’s M1, M1 Max, and A14 processors. It may also reach older A-series chips and newer M1 relatives.
Although Augury hasn’t led to real exploits yet, it is unique because it can leak data that neither the core nor any instructions have read. This nullifies many defenses against Spectre, which work by tracking what data the core and instructions access.
We discovered a technique to leak data on Apple Silicon processors that’s “at rest”: that is, data the core never reads speculatively or non-speculatively.
This will likely be an odd one, so stick round for the 🧵 and see
— David Kohlbrenner (@dkohlbre) April 29, 2022
Augury stems from Apple silicon’s use of a Data Memory-Dependent Prefetcher (DMP), an optimization that takes into account the content of earlier memory prefetches. That behavior gives a clue as to the memory’s contents, making it possible to leak them.
The researchers don’t think Augury is very dangerous, partly because it only prefetches valid virtual addresses. However, it could break ASLR (Address Space Layout Randomization), which could be the first step in a serious exploit.
The authors of the paper sent Apple all the details on Augury before publishing their findings, so the company could provide a fix if it ever becomes a problem.