Unpatchable Security Flaw On Apple’s: M1 Chips Leaves its Last level of defense Vulnerable!

Read Time:1 Min, 4 Sec

Apple’s Arm-based M1 silicon vulnerability allows threat actors capability to gain arbitrary code execution on macOS systems. This was recently discovered by researchers at MIT’s Computer Science & Artificial Intelligence Laboratory.

It correlates to the hardware-level pointer authentication codes (PAC), which Apple uses to ensure programs attempting to execute code are safe.

Advertisement

Is it game over for M1-based MacBook owners, though?

Not necessarily… just yet. There are reports that physical access to a machine is needed, though a remote attack is possible as well.

Advertisement

While this type of attack would lead to a kernel panic, crashing the entire system, PACMAN ensures that no system crashes occur and leaves no traces in logs. Threat actors first need to find a memory bug affecting software on the targeted Mac that would be blocked by PAC and that can be escalated into a more severe security issue after bypassing PAC defenses. Reference

You can find more technical details about this novel hardware attack on the dedicated site and in the “PACMAN: Attacking ARM Pointer Authentication with Speculative Execution” paper [PDF] that will be presented at the International Symposium on Computer Architecture on June 18.

Nevertheless, the researchers say their findings have important implications for designers considering implementing Pointer Authentication in future products.

Last Updated on 06/11/2022 by Emmanuel Motelin

EXPLORE MORE ACROSS THE WEB
Tagged : # # # # # # # # #
Advertisement
MOTELIN.ORG – Emmanuel Motelin (Official Website)

You can listen to this podcast on the following platforms. Plus more

AD
bitcoin
Bitcoin (BTC) $ 28,316.59 2.00%
ethereum
Ethereum (ETH) $ 1,802.53 3.30%
tether
Tether (USDT) $ 1.01 0.38%
bnb
BNB (BNB) $ 339.93 2.51%
usd-coin
USD Coin (USDC) $ 1.00 0.37%
xrp
XRP (XRP) $ 0.460298 19.52%
cardano
Cardano (ADA) $ 0.380868 13.46%
dogecoin
Dogecoin (DOGE) $ 0.076029 5.81%
staked-ether
Lido Staked Ether (STETH) $ 1,802.45 3.55%
matic-network
Polygon (MATIC) $ 1.15 4.72%
solana
Solana (SOL) $ 22.49 1.77%
binance-usd
Binance USD (BUSD) $ 1.00 0.46%
polkadot
Polkadot (DOT) $ 6.35 3.90%
shiba-inu
Shiba Inu (SHIB) $ 0.000011 4.23%
tron
TRON (TRX) $ 0.067347 2.31%
litecoin
Litecoin (LTC) $ 81.47 3.96%
avalanche-2
Avalanche (AVAX) $ 17.45 5.02%
dai
Dai (DAI) $ 1.00 0.38%
uniswap
Uniswap (UNI) $ 6.41 4.23%
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 28,329.59 2.11%
chainlink
Chainlink (LINK) $ 7.57 8.57%
the-open-network
Toncoin (TON) $ 2.43 1.29%
cosmos
Cosmos Hub (ATOM) $ 11.89 3.29%
leo-token
LEO Token (LEO) $ 3.39 0.15%
ethereum-classic
Ethereum Classic (ETC) $ 20.69 5.53%
monero
Monero (XMR) $ 152.85 1.17%
okb
OKB (OKB) $ 45.33 0.64%
bitcoin-cash
Bitcoin Cash (BCH) $ 132.81 2.71%
stellar
Stellar (XLM) $ 0.094549 8.94%
filecoin
Filecoin (FIL) $ 5.84 1.89%
aptos
Aptos (APT) $ 12.09 1.48%
true-usd
TrueUSD (TUSD) $ 1.01 0.35%
lido-dao
Lido DAO (LDO) $ 2.36 4.64%
quant-network
Quant (QNT) $ 130.92 3.78%
hedera-hashgraph
Hedera (HBAR) $ 0.063457 4.80%
crypto-com-chain
Cronos (CRO) $ 0.071703 2.59%
near
NEAR Protocol (NEAR) $ 2.03 3.34%
vechain
VeChain (VET) $ 0.023559 4.34%
arbitrum
Arbitrum (ARB) $ 1.16 9.80%
algorand
Algorand (ALGO) $ 0.230016 10.35%
internet-computer
Internet Computer (ICP) $ 5.26 3.28%
blockstack
Stacks (STX) $ 1.14 4.85%
apecoin
ApeCoin (APE) $ 4.09 2.12%
the-graph
The Graph (GRT) $ 0.149666 3.00%
fantom
Fantom (FTM) $ 0.478202 5.11%
eos
EOS (EOS) $ 1.18 2.55%
the-sandbox
The Sandbox (SAND) $ 0.661983 2.56%
aave
Aave (AAVE) $ 78.54 4.17%
decentraland
Decentraland (MANA) $ 0.61176 2.53%
elrond-erd-2
MultiversX (EGLD) $ 44.35 2.10%
%d bloggers like this: