Cybersecurity researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have uncovered a seemingly "unpatchable" flaw in Apple's M1 chips. The vulnerability lies in the chipset's hardware-level security mechanism called pointer authentication codes, known simply as PAC. PAC acts as the M1 chip's "last line of defense" against attacks, specifically buffer overflow exploits and the injection of malicious code into the system's memory.
The team's findings were published in a report on the MIT CSAIL website on Friday, June 10, but the page appears to be offline as of writing. The official PDF can still be found via the Wayback Machine; it shows how the MIT researchers used an aptly named "Pacman" attack to defeat the M1 chip's security without leaving a trace. The researchers combined a speculative execution (Spectre-style) vulnerability with a memory corruption bug, which together sidestep the PAC hardware security feature without raising any alarms.
The findings are alarming because they show how attackers can turn a security mechanism's own guarantees against the system it protects. The Pacman procedure systematically guesses the cryptographic signature needed to pass pointer authentication, the signature that is supposed to prove an application's pointers have not been corrupted by malicious code. The core of the exploit is the speculative execution vulnerability, which leaks PAC information through a hardware side channel that reveals when a guess is correct.
In their full proof of concept, the team discloses that the vulnerability works against the system's kernel, meaning it can directly affect the device's operating system at its core. One of the co-lead researchers on the project, Joseph Ravichandran, said this has "massive implications for future security work on all ARM systems with pointer authentication enabled."
This pointer authentication mechanism exists on all current ARM-based silicon, including both the M1 Pro and M1 Max. Additionally, chipset manufacturers such as Samsung and Qualcomm are building the same functionality into their new processors, making the MIT researchers' discovery all the more dire. While the team did not test the Pacman attack on Apple's forthcoming M2 chip, they plan to do so in the future.
The team gave more details to Tom's Hardware, underscoring that bad actors do not need physical access to the device in question and can pull data out at alarming speed. The researchers explain:
"It's hard to say since exfiltration with this attack will be very dependent on the exact gadget used. Our proof of concept exploit takes 2.69 milliseconds per PAC guess (so worst-case 2.94 minutes per pointer). This may take longer in a fully integrated end-to-end attack."
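To make the mechanism described above and the numbers in this quote concrete, here is an added illustration (not code from the MIT researchers, Apple, or this article). It models pointer authentication in simplified form: a short authentication code derived from the pointer, a context value and a secret key is stored in the unused top bits of the pointer, and any pointer whose code does not match faults on use. The real hardware uses the QARMA cipher; the HMAC here is a stand-in, and the 16-bit PAC width and 48-bit address size are assumptions chosen because 2^16 guesses at the quoted 2.69 ms each comes to the quoted 2.94 minutes. The brute-force loop shows why the guess space is small, and why, without speculation, every wrong guess would be a visible crash (which is exactly the signal the attack avoids producing).

```python
import hashlib
import hmac

# Constructed, simplified model of ARM pointer authentication.
# Assumptions (not from the article): 16-bit PAC stored in the top bits of a
# 48-bit virtual address, and an HMAC in place of the hardware QARMA cipher.
PAC_BITS = 16
VA_BITS = 48
PAC_SHIFT = 64 - PAC_BITS
PTR_MASK = (1 << VA_BITS) - 1
PAC_MASK = (1 << PAC_BITS) - 1

# Constructed per-process key; real keys are held in system registers.
KEY = bytes(range(16))

# Per-guess cost quoted by the researchers in the article (2.69 milliseconds).
SECONDS_PER_GUESS = 0.00269


class PacFault(Exception):
    """Raised when a pointer's authentication code does not match."""


def compute_pac(ptr: int, context: int, key: bytes = KEY) -> int:
    """Derive the PAC from the address bits, a 64-bit context and the key."""
    msg = (ptr & PTR_MASK).to_bytes(8, "little") + context.to_bytes(8, "little")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "little") & PAC_MASK


def sign(ptr: int, context: int, key: bytes = KEY) -> int:
    """Embed the PAC in the otherwise unused upper bits of the pointer."""
    return (ptr & PTR_MASK) | (compute_pac(ptr, context, key) << PAC_SHIFT)


def authenticate(signed: int, context: int, key: bytes = KEY) -> int:
    """Strip and check the PAC; a mismatch is an architectural fault."""
    ptr = signed & PTR_MASK
    if (signed >> PAC_SHIFT) & PAC_MASK != compute_pac(ptr, context, key):
        raise PacFault(f"bad PAC on pointer {signed:#018x}")
    return ptr


def is_rejected(signed: int, context: int, key: bytes = KEY) -> bool:
    """True if the pointer would fault when used."""
    try:
        authenticate(signed, context, key)
    except PacFault:
        return True
    return False


def count_faults_non_speculative(ptr: int, context: int, key: bytes = KEY) -> int:
    """Try every PAC value architecturally and count the faults it causes.

    Exactly one value is correct, so a non-speculative brute force produces
    2**PAC_BITS - 1 crashes: loud, and each one is a detection opportunity.
    """
    faults = 0
    for guess in range(1 << PAC_BITS):
        candidate = (ptr & PTR_MASK) | (guess << PAC_SHIFT)
        if is_rejected(candidate, context, key):
            faults += 1
    return faults


def brute_force_budget(pac_bits: int, seconds_per_guess: float) -> tuple[int, float]:
    """Worst-case number of guesses and minutes to enumerate a PAC of pac_bits."""
    guesses = 1 << pac_bits
    return guesses, guesses * seconds_per_guess / 60


if __name__ == "__main__":
    ptr, ctx = 0x0000_1000_0000_1234, 7
    signed = sign(ptr, ctx)
    print(f"signed pointer:   {signed:#018x}")
    print(f"authenticated:    {authenticate(signed, ctx):#014x}")
    print(f"flipped PAC bit rejected: {is_rejected(signed ^ (1 << 63), ctx)}")
    print(f"faults from architectural brute force: {count_faults_non_speculative(ptr, ctx)}")
    guesses, minutes = brute_force_budget(PAC_BITS, SECONDS_PER_GUESS)
    print(f"{guesses} guesses at {SECONDS_PER_GUESS * 1000} ms each = {minutes:.2f} minutes worst case")
```

The takeaway for defenders is in `count_faults_non_speculative`: a naive attacker enumerating PACs would crash the target tens of thousands of times, so the PAC's security rests on those crashes being unavoidable. Guessing inside speculative execution removes the crash while a side channel still reveals the outcome, which is why the researchers describe the attack as leaving no trace and why the small PAC width becomes the limiting factor.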
Apple itself gave words on the occasion via spokesperson Scott Radcliffe, who said, "We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques. Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not impose an immediate risk to our users and is insufficient to bypass operating system security protectors on its own."
Thus far, three vulnerabilities have been found affecting Apple's M1 silicon. Cybersecurity researcher Hector Martin showcased the so-called M1RACLES vulnerability, which essentially gave two applications the ability to transfer data between them covertly. Although it may not be as debilitating as the Pacman exploit, last month's Augury vulnerability is definitely one to keep an eye on: it makes the Data-Memory Dependent Prefetcher (DMP) in Apple chips leak data while the device is at rest.
Known for its highly secure platforms, Apple typically sidesteps these types of issues but may be in a difficult spot, given the wide-sweeping potential of the Pacman exploit. This Apple M1 chip vulnerability will certainly be something users have to stay aware of, given that Apple cannot simply fix it with a software update. The MIT researchers conclude:
"If not mitigated, our attack will affect the majority of mobile devices, and likely even desktop devices in the coming years."