In today’s cybersecurity world, vulnerabilities are discovered and patched regularly. However, what happens when a flaw is deemed unpatchable? That’s precisely the situation with a critical security issue affecting Apple Silicon Macs, including the M1, M2, and M3 chips. Let’s delve into the details of this alarming discovery.
The Flaw: Data Memory-dependent Prefetchers (DMP)
At the heart of this vulnerability lies a seemingly innocuous mechanism called the Data Memory-dependent Prefetcher (DMP). These prefetchers predict the memory addresses that running code is likely to access shortly. By doing so, they reduce latency between the CPU and main memory, enhancing overall system performance. Unfortunately, the DMP mechanism contains a bug: a tiny but devastating flaw.
How It Works: A Cryptographic Heist
Imagine a scenario where data stored in the chip is mistaken for a memory address and cached. This seemingly harmless error becomes the Achilles’ heel of Apple Silicon Macs. Here’s how the attack unfolds:
Malicious App Exploitation: A malicious app leverages the DMP bug repeatedly. Each time it does so, it gains a tiny piece of information—like a cryptographer deciphering a code.
Data Leakage via Cache Side Channels: The DMP treats certain data values as pointers, even when they aren’t. As a result, it leaks information via cache-side ch
[…]
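The pointer confusion described above can be seen in a toy model. This is an added example, not code from the original article; the cache-line size, the mapped address range and the pointer heuristic are assumptions of the model, not Apple's hardware logic. Two buffers read with an identical address sequence leave different cache states when one of them holds a value that looks like an address.

```python
"""Toy model of a data memory-dependent prefetcher (DMP). Constructed for
illustration: LINE, MAPPED and the pointer heuristic are assumptions,
not Apple's hardware logic."""

LINE = 64                          # assumed cache-line size in bytes
MAPPED = range(0x10000, 0x20000)   # assumed range of valid addresses


class ToyCache:
    def __init__(self):
        self.lines = set()         # indices of cache lines currently held

    def fill(self, addr):
        self.lines.add(addr // LINE)

    def is_cached(self, addr):
        return addr // LINE in self.lines


def load(cache, memory, addr, dmp=True):
    """Architectural load of memory[addr], plus the DMP side effect."""
    value = memory[addr]
    cache.fill(addr)
    # Model heuristic: a loaded value that falls in mapped memory is
    # treated as a pointer and its target line is prefetched.
    if dmp and value in MAPPED:
        cache.fill(value)
    return value


def extra_lines(values, base=0x10000, dmp=True):
    """Read `values` from a buffer at `base` in a fixed address order and
    return the cache lines filled beyond the ones the code itself read."""
    memory = {base + 8 * i: v for i, v in enumerate(values)}
    cache = ToyCache()
    for addr in memory:            # same address sequence for any data
        load(cache, memory, addr, dmp)
    touched = {a // LINE for a in memory}
    return cache.lines - touched


# Constructed inputs: same length, same access pattern, different data.
plain_data = [0x41, 0x1234, 0xFFFF, 0x0]
pointer_like = [0x41, 0x1A000, 0xFFFF, 0x0]   # one value lands in MAPPED

if __name__ == "__main__":
    for name, buf in (("plain", plain_data), ("pointer-like", pointer_like)):
        print(name, sorted(extra_lines(buf)), sorted(extra_lines(buf, dmp=False)))
```

In the model, the extra cache line depends only on the data that was loaded, not on which addresses the code chose to read, which is why code with a data-independent access pattern can still leave a data-dependent cache footprint.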