A new report from university researchers indicates Apple silicon has an exclusive new type of vulnerability that could make it vulnerable to attackers.
The research comes from a team at the University of Illinois Urbana-Champaign, Tel Aviv University, and the University of Washington, who have revealed a so-called a Data Memory-Dependent Prefetcher (DMP) vulnerability they’ve named ‘augury’.
As explained by our friends at Tom’s Hardware:
Augury takes advantage of Apple Silicon’s DMP feature. This prefetcher aims to improve system performance by being aware of the entire memory content, which allows it to improve system performance by pre-fetching data before it’s needed. Usually, memory access is limited and compartmentalized in order to increase system security, but Apple’s DMP prefetch can overshoot the set of memory pointers, allowing it to access and attempt a prefetch of unrelated memory addresses up to its prefetch depth.
The upshot is that it could allow attackers to access “at rest” data that doesn’t have to be accessed by the processing cores in order to be seen. As TH explains, that could mean “Apple’s DMP can potentially leak the entire memory content even if it’s not being actively accessed.”
Affected devices include Apple’s A14 chip that powers the iPad Air and iPhone 12, as well as Apple’s M1 and M1 Max chips. The researchers speculate that M1 Pro and Ultra are also vulnerable, but they haven’t been able to demonstrate this year.
Thankfully, Apple is fully aware of the discoveries and is hopefully working on a fix for the problem. Reassuringly, the researchers say the issue is “right now not that bad.”
We may earn a commission for purchases using our links. Learn more.