Apple silicon and mobilechips have discovered a "Augury" vulnerability

Apple silicon and mobilechips have discovered a "Augury" vulnerability ...

Researchers have recently published a paper revealing a flaw they are calling Augury. It might also reach older A-series chips and newer M1 relatives.

Although Augury hasn''t brought to real exploits yet, it''s unique because it can leak data that neither the core nor any instructions have read. This nullifies many defenses against Spectre, which work by tracking what data the core and instructions access.

We discovered a way to leak data on Apple Silicon processors that is "at rest": c.s., data the core never reads speculatively or non-speculatively. This will be an odd one, but be careful not to keep an eye on it at all.co/KCnw9PAlSS

Apple silicon''s use of a Data Memory-Dependent Prefetcher (DMP) is an algorithm that displays the contents of previous memory prefetches, giving an overview of the memory''s contents, making it possible to leak them.

The researchers argue that Augury is not extremely dangerous partly because it prefetches valid virtual addresses. However, it may be harmed by ASLR (Address Space Layout Randomization), which might be the first step in a successful exploit.

Apple provided all of the details on Augury before publishing their findings, thereby allowing the company to provide a fix if it becomes a problem.

You may also like: