acm-header
Sign In

Communications of the ACM

ACM News

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched


The researchers said the attack method makes it possible to distinguish between a correct Pointer Authentication Code (PAC) and an incorrect hash, permitting a bad actor to "brute-force the correct PAC value while suppressing crashes and construct a contr

Credit: Apple

A novel hardware attack dubbed PACMAN has been demonstrated against Apple's M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems.

It leverages "speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity," MIT researchers Joseph Ravichandran, Weon Taek Na, Jay Lang, and Mengjia Yan said in a new paper.

What's more concerning is that "while the hardware mechanisms used by PACMAN cannot be patched with software features, memory corruption bugs can be," the researchers added.

From The Hacker News
View Full Article

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account