
MIT researchers have discovered an “irreparable” flaw in Apple M1 chips – TechCrunch

Apple’s M1 chips have an unpatchable hardware vulnerability that could allow attackers to break through their last line of security, MIT researchers have found.

The vulnerability lies in a hardware-level security mechanism used in Apple M1 chips called pointer authentication codes, or PACs. This feature makes it much harder for an attacker to inject malicious code into the device’s memory and provides a layer of protection against buffer overflow exploits, a class of attack in which data written past the end of a buffer overwrites adjacent memory.

However, researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have devised a new hardware attack that combines memory corruption with speculative execution to bypass the security feature. The attack shows that pointer authentication can be defeated without leaving a trace, and because it exploits a hardware mechanism, it cannot be fixed with a software patch.

The attack, aptly named “Pacman”, works by “guessing” a pointer authentication code (PAC), a cryptographic signature that confirms that an application’s pointers have not been maliciously altered. It does this using speculative execution – a technique modern processors use to speed up performance by guessing ahead which instructions to run – to test PAC guesses, while a hardware side channel reveals whether each guess was correct.

Moreover, because there are only so many possible values for the PAC, the researchers found that it is feasible to try them all until the right one is found.
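To make the mechanism in the three paragraphs above concrete, here is a toy software model of pointer authentication written for this article; it is not code from the MIT paper or from Apple. It assumes a 48-bit virtual address with the PAC stored in the 16 unused upper bits, substitutes HMAC-SHA256 for the hardware cipher, and uses a constructed key. It shows the sign/authenticate round trip, that a tampered pointer is rejected, and why the size of the PAC space matters: with the normal fatal-fault behaviour a wrong guess crashes the process, whereas a silent “was the guess correct?” oracle lets the whole, small space be enumerated.

```python
import hashlib
import hmac

# Toy model of pointer authentication, constructed for this article. Real ARMv8.3
# PAC uses the QARMA cipher, separate hardware key registers per key type, and a
# PAC field whose width depends on the configured address space; all of that is
# simplified here. Assumed layout: a 48-bit virtual address with the PAC stored
# in the 16 unused upper bits.
VA_BITS = 48
PAC_BITS = 64 - VA_BITS
VA_MASK = (1 << VA_BITS) - 1
PAC_MASK = (1 << PAC_BITS) - 1

# Constructed demo key; in hardware the key is never visible to software.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"


class PacFault(Exception):
    """Raised when a pointer fails authentication (hardware would fault here)."""


def compute_pac(pointer: int, context: int, key: bytes = DEMO_KEY) -> int:
    """Truncated MAC over (address, context). The context (ARM calls it a
    modifier) binds the signature to e.g. a stack frame or object, so a PAC
    valid in one context is not valid in another."""
    msg = pointer.to_bytes(8, "little") + context.to_bytes(8, "little")
    tag = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(tag[:8], "little") & PAC_MASK


def sign_pointer(pointer: int, context: int, key: bytes = DEMO_KEY) -> int:
    """PAC* instruction analogue: embed the PAC in the upper bits."""
    if pointer & ~VA_MASK:
        raise ValueError("pointer does not fit in the address bits")
    return pointer | (compute_pac(pointer, context, key) << VA_BITS)


def authenticate_pointer(signed: int, context: int, key: bytes = DEMO_KEY) -> int:
    """AUT* instruction analogue: recompute and compare, returning the stripped
    pointer on success and faulting otherwise."""
    pointer = signed & VA_MASK
    if (signed >> VA_BITS) != compute_pac(pointer, context, key):
        raise PacFault(f"PAC mismatch for {pointer:#x}")
    return pointer


def pac_space_size() -> int:
    """Number of distinct PAC values, i.e. the space a forger would have to cover."""
    return 1 << PAC_BITS


def simulate_forgery(pointer, context, key=DEMO_KEY, faults_are_fatal=True) -> dict:
    """Model an adversary who wants a valid signature for `pointer` without the key.
    With faults_are_fatal=True (normal hardware behaviour) the first wrong guess
    crashes the process, so the attempt ends after one guess and is visible as a
    crash. With faults_are_fatal=False the adversary has a silent oracle for
    'was this PAC correct?', which is what the article's side channel provides,
    and can walk the whole (small) PAC space."""
    guesses = faults = 0
    for candidate in range(pac_space_size()):
        guesses += 1
        try:
            authenticate_pointer(pointer | (candidate << VA_BITS), context, key)
            return {"success": True, "guesses": guesses, "faults": faults, "pac": candidate}
        except PacFault:
            faults += 1
            if faults_are_fatal:
                break
    return {"success": False, "guesses": guesses, "faults": faults, "pac": None}


if __name__ == "__main__":
    ptr, ctx = 0x7FFF_DEAD_0000, 0x42  # constructed sample pointer and modifier
    signed = sign_pointer(ptr, ctx)
    print(f"signed pointer: {signed:#018x}, PAC space: {pac_space_size()} values")
    assert authenticate_pointer(signed, ctx) == ptr
    try:
        authenticate_pointer(signed ^ 0x10, ctx)  # corrupted low bits
    except PacFault as e:
        print("tampered pointer rejected:", e)
    print("no oracle  :", simulate_forgery(ptr, ctx, faults_are_fatal=True))
    print("with oracle:", simulate_forgery(ptr, ctx, faults_are_fatal=False))
```

The defender’s takeaway is in the two `simulate_forgery` runs: the protection rests on authentication failures being loud, so a process crashing on a PAC fault is an event worth alerting on, and the article’s point is that the side channel removes that crash.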

As a proof of concept, the researchers demonstrated that the attack even works against the kernel – the software core of the device’s operating system – which has “huge implications for the future security of all ARM systems with pointer authentication enabled,” said Joseph Ravichandran, a PhD student at MIT CSAIL and co-author of the research paper.

“The idea behind pointer authentication is that if all else fails, you can still rely on it to prevent attackers from gaining control of your system,” Ravichandran added. “We have shown that certifying a pointer as a last line of defense is not as absolute as we once thought it was.”

Apple has implemented pointer authentication in all of its custom ARM-based silicon to date, including the M1, M1 Pro and M1 Max, and a number of other chipmakers, including Qualcomm and Samsung, have either announced or are expected to ship new processors that support the hardware-level security feature. MIT said it had not yet tested the attack on Apple’s unreleased M2 chip, which also supports pointer authentication.

“If not mitigated, our attack will affect most mobile devices and possibly even desktop devices in the coming years,” MIT said in a research paper.

The researchers – who presented their findings to Apple – noted that the Pacman attack is not a “magic bypass” for all of the M1 chip’s security, and can only take advantage of an existing bug that pointer authentication would otherwise protect against.

Reached before publication, Apple declined to comment on the record. Following publication, Apple spokesperson Scott Radcliffe said: “We would like to thank the researchers for their collaboration, as this proof of concept improves our understanding of these techniques. Based on our analysis, as well as the details shared with us by the researchers, we concluded that this problem does not pose an immediate risk to our users and is insufficient to circumvent the protection of the operating system alone.”

In May last year, a developer discovered an irreparable flaw in Apple’s M1 chip that creates a covert channel which two or more already installed malicious applications can use to pass information to each other. But the bug was ultimately deemed “harmless” because malware could not use it to steal or tamper with data on a Mac.

Updated with an on-the-record comment from Apple.