- University researchers have found two new speculative execution defects
- The pair affects M2 and M3 processors
- Apple recognized the faults and said it would repair it
Apple devices fed with the M2 / A15 and M3 / A17 fleas are vulnerable to secondary channel defects that could put user data at risk of being stolen, experts warned.
Cybersecurity researchers from the Georgia Institute of Technology and Ruhr Bochum University, who recently published two distinct articles, detailing the two vulnerabilities called Flop and Slap.
These faults, however, do not affect energy consumption models during cryptographic operations, but rather speculative execution, similar to what the dreaded vulnerabilities of the spectrum and the collapse were. Speculative execution is a technique used by processors to improve performance. This implies that the CPU guesses the probable path of a program (as it will be executed then) and begins to execute it before actual decision -making. If the assumption is correct, it accelerates the treatment; Otherwise, the incorrect results are rejected.
Practical application
Explaining their results to Bleeping CompomputeResearchers said prediction errors can lead to fleas to make calculations with poor data.
“Starting with generation M3 / A17, they try to predict the value of the data which will be returned from memory. However, prediction errors in these mechanisms can cause arbitrary calculations made on out -of -limits or data values wrong, “they say.
Usually, when university researchers find computer bugs, they are mainly theoretical or otherwise extremely difficult to succeed in a real scenario. For these, however, the researchers explained how a threat actor could create a malicious website, containing JavaScript code and use it to extract personally identifiable information from the victims.
They shared their conclusions with Apple (late March for Slap, and early September for Flop), which recognized their conclusions and confirmed that it would work on a solution. However, it seems that the Cupertino giant does not rush, because he does not think that the bugs are so important
“We would like to thank the researchers for their collaboration because this proof of concept advances our understanding of these types of threats,” said Apple Bleeping Compompute.
“Based on our analysis, we do not think that this problem has an immediate risk for our users.”
People interested in technical details can read the in -depth analysis here. It was the same researchers who discovered the Ileakage vulnerability a year and a half ago, Bleeping Compompute recall. This one was also a flaw with side canal.
