Connect with us

News

Apple M1 has an M1RACLES vulnerability that cannot be fixed by software

Published

on

A vulnerability was found in the brand new SoC Apple M1. It was discovered by Asahi Linux developer Hector Martin while working on his project to port Linux to a PC with an M1.

The author named the vulnerability M1RACLES (M1ssing Register Access Controls Leak EL0 State). The essence of the vulnerability is that the system register ARM with the code s3_5_c15_c10_1 is accessible from the EL0 mode and contains two implemented bits that can be read or written (bits 0 and 1). It is a register for each cluster that can be accessed by all cluster cores at the same time. This makes it a two-bit covert channel that any arbitrary process can use to communicate with another process.

A pair of interacting processes can build a stable channel from this two-bit state using the synchronization protocol. This allows processes to exchange arbitrary amounts of data, limited only by the CPU overhead.

Simply put, two applications can secretly exchange data directly, bypassing memory, files, and any other normal OS functions. However, by default this channel is only 2 bits wide. And while it can be expanded to 1MB / s, overall, the author says that Mac users on the M1 should not worry.

Matin notes that any applications that could take advantage of these data transfer methods are much more likely to use other channels. Moreover, Martin directly says that he simply decided to troll the media, which inflate this or that data about new vulnerabilities in processors. The vulnerability, of course, does exist, but it does not pose a threat, so it might not have been reported.

Another fact is more interesting. The developer suspects that this vulnerability is a consequence of Apple’s deliberate actions to change the Arm specifications. The Cupertino giant simply removed one feature, probably because it thought it would never come in handy on macOS.

It is impossible to fix the vulnerability programmatically.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Advertisement

Latest News

Phones3 hours ago

WhatsApp is testing an iPhone-only feature. Official sticker packs can be sent

The team of the popular messenger WhatsApp has begun testing a new feature exclusively for iOS users. Starting today, beta...

News3 hours ago

Huawei P30 and P30 Pro started receiving HarmonyOS

Huawei has begun distributing the beta version of the HarmonyOS 2 operating system for the flagship Huawei P30 and P30...

News3 hours ago

4500 mAh, 90 Hz, 5G, 64 MP, 30 W, NFC. OnePlus Nord CE 5G is on sale

OnePlus has announced the start of sales in Europe of its new OnePlus Nord CE 5G smartphone. European users can...

News4 hours ago

Samsung Display distinguished itself: employees of the company declared the first strike in history

Workers at the display manufacturer Samsung Display have gone on strike, the first in the history of the company, which...

Phones4 hours ago

Helio P70, 6/128 GB, Sony camera, NFC, fast charging and Doke OS 2.0 discounted for $ 110. Blackview A100 smartphone presented

Blackview introduced the Blackview A100 smartphone, which received excellent performance at an affordable price. The smartphone is equipped with a...

News5 hours ago

Samsung Galaxy M21 2021 Edition – another monster of autonomy

A couple of weeks ago, the page of the Samsung Galaxy M21 Prime Edition smartphone with the model number SM-M215G...

Phones6 hours ago

Samsung has managed to release only a few tens of thousands of Galaxy S21 FE. Carriers are already testing Samsung Galaxy Z Fold3 and Galaxy Z Flip3

Renowned journalist Roland Quandt confirms previous reports that Samsung has already begun mass production of its Galaxy Z Fold3 and...

News6 hours ago

The first Dizo devices – the new Realme brand – come out on July 1st

At the end of May, Realme unveiled a new brand called Dizo, under which smart home products, accessories, and renamed...

Advertisement

Most Popular