MIT researchers discovered a flaw in a security system built directly into Apple’s M1 processor. Although it poses no immediate risk, it is quite serious because it cannot be corrected with a software update.
As soon as the new M2 processor was announced, the researchers discovered a flaw which equips in particular . A team from MIT in the United States published an article in which it revealed a flaw nicknamed “Pacman”, which manages to bypass the processor’s last line of defense.
One of the security measures implemented in the processor is called pointer authentication code (PAC), a cryptographic signature confirming that a program has not been tampered with. The PAC is intended to protect against memory-level code injections and buffer overflows.
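To make the pointer-signing idea above concrete, here is an added example (not code from the article, Apple or ARM) that models a PAC in software. It assumes a 48-bit address with a 16-bit PAC in the upper bits and uses truncated HMAC-SHA256 as a stand-in for the hardware cipher; all function names are hypothetical.

```python
import hashlib
import hmac

VA_BITS = 48    # assumption: low 48 bits of a 64-bit pointer hold the address
PAC_BITS = 16   # assumption: the unused upper 16 bits carry the PAC
ADDR_MASK = (1 << VA_BITS) - 1


class PacFault(Exception):
    """Authentication failed; the pointer must not be used."""


def _pac(key: bytes, addr: int, context: int) -> int:
    # Stand-in MAC over (address, context). Real hardware uses its own
    # cipher and a key that user code cannot read.
    msg = addr.to_bytes(8, "little") + context.to_bytes(8, "little")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[: PAC_BITS // 8], "big")


def sign_pointer(key: bytes, addr: int, context: int) -> int:
    """Return the pointer with its PAC stored in the upper bits."""
    addr &= ADDR_MASK
    return (_pac(key, addr, context) << VA_BITS) | addr


def auth_pointer(key: bytes, signed: int, context: int) -> int:
    """Recompute the PAC and return the bare address, or raise PacFault."""
    addr = signed & ADDR_MASK
    if not hmac.compare_digest(
        (signed >> VA_BITS).to_bytes(2, "big"),
        _pac(key, addr, context).to_bytes(2, "big"),
    ):
        raise PacFault(f"bad PAC for address {addr:#x}")
    return addr


def count_accepted_forgeries(key, signed, context, new_addrs) -> int:
    """Model a buffer overflow that rewrites the address bits but keeps the
    old PAC, since the attacker has no key. Count how many pass the check."""
    accepted = 0
    for new_addr in new_addrs:
        forged = ((signed >> VA_BITS) << VA_BITS) | (new_addr & ADDR_MASK)
        try:
            auth_pointer(key, forged, context)
            accepted += 1   # only when the stale PAC matches by chance
        except PacFault:
            pass
    return accepted
```

A stale PAC matches a new address only by chance, about once in 2**16 attempts under these assumptions, which is why a corrupted pointer is normally rejected before it is used.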
A security system also provided on other ARM processors
The researchers created an attack that guesses this code through speculative execution. It also works against the system kernel. They haven’t tested the new M2 processor, but it also uses pointer authentication. This security measure is also provided on other processors with ARM architecture, especially those and Samsung, used in most of the . The defect could therefore have important ramifications in the future.
As this flaw is located at the hardware level, it is impossible to correct it with a software update. However, wants to be reassuring. PACs are an additional line of defense to prevent the exploitation of certain vulnerabilities. Any attack relying on Pacman will therefore first have to find another system flaw to be effective. Devices with M1 chips are therefore not in danger, at least for now, as long as you keep your device up to date.