Researchers at MIT have discovered an unpatchable security flaw in Apple’s M1 chip, a flaw that’s reminiscent of the Spectre and Meltdown flaws.
Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) were investigating what would happen when software and hardware hacking techniques are combined. Traditionally, the two are often viewed as completely separate, with little research having been done on combining them. The result was MIT’s PACMAN exploit, one that involves breaking a software security feature with a hardware attack.
“That’s the heart of what PACMAN represents – a new way of thinking about how threat models converge in the Spectre era,” says MIT CSAIL PhD student Joseph Ravichandran, co-lead author of a new paper about PACMAN.
The exploit attacks the M1’s “Pointer Authentication” feature, considered a last line of defense against software vulnerabilities. Essentially, the pointer authentication code (PAC) checks the state of a program to ensure it hasn’t been maliciously changed. The researchers’ attack guesses at all the possible values of the PAC, using a hardware side channel to confirm the validity of the guesses until it hits the right one. What’s more, because the guesses are done under speculative execution, there’s no trace left of the attack. Worst of all, because the attack is using a hardware mechanism, it can never be fixed with a software patch.
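To make the mechanism above concrete, here is an added toy model of pointer authentication in C. It is illustration written for this article, not code from Apple, ARM or the MIT paper. It assumes a 48-bit virtual address space, so the top 16 bits of a pointer are free to hold the PAC, and it replaces the keyed block cipher real silicon uses with a simple mixing function that is deliberately linear in the pointer (so the behaviour is easy to reason about; it is not a real MAC). The key, addresses and stack pointer are constructed values.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model of ARMv8.3 pointer authentication (added illustration; not Apple's,
 * ARM's or the PACMAN paper's code). Layout assumption: 48-bit virtual
 * addresses, so bits 63..48 are unused and hold a 16-bit PAC. Real hardware
 * derives the PAC with a keyed block cipher over (pointer, context, key); the
 * mixing below is a stand-in that is linear in the pointer so that the
 * example's behaviour is fully predictable. It is NOT a secure MAC. */

#define VA_BITS   48
#define PAC_BITS  16
#define VA_MASK   ((1ULL << VA_BITS) - 1)
#define PAC_MASK  (~VA_MASK)
#define FAULT_BIT (1ULL << 62)   /* error marker: makes the pointer non-canonical */

/* Constructed signing key; on hardware this lives in a privileged register. */
static const uint64_t apia_key = 0x9E3779B97F4A7C15ULL;

/* 64-bit finaliser (MurmurHash3 style) used to mix key and context. */
static uint64_t mix64(uint64_t x) {
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL;
    x ^= x >> 33;
    return x;
}

/* Fold the 48 address bits down to 16 so that any single-bit change to the
 * pointer flips exactly one bit of the fold, and therefore of the PAC. */
static uint16_t fold16(uint64_t va) {
    return (uint16_t)(va ^ (va >> 16) ^ (va >> 32));
}

static uint64_t compute_pac(uint64_t ptr, uint64_t context) {
    uint16_t tag = (uint16_t)mix64(apia_key ^ context) ^ fold16(ptr & VA_MASK);
    return (uint64_t)tag << VA_BITS;
}

/* PACIA-like: sign a pointer, binding it to a context (the stack pointer for
 * a return address, an object address for a vtable pointer, and so on). */
uint64_t pac_sign(uint64_t ptr, uint64_t context) {
    return (ptr & VA_MASK) | compute_pac(ptr, context);
}

/* AUTIA-like: check the PAC. On success strip it and return 1. On failure
 * return 0 and hand back a poisoned pointer that faults when used, which is
 * the crash an attacker without a side channel would run into on a wrong guess. */
int pac_auth(uint64_t signed_ptr, uint64_t context, uint64_t *out) {
    if ((signed_ptr & PAC_MASK) == compute_pac(signed_ptr, context)) {
        *out = signed_ptr & VA_MASK;
        return 1;
    }
    *out = (signed_ptr & VA_MASK) | FAULT_BIT;
    return 0;
}

/* Model of a protected return: the prologue signs LR against SP, the epilogue
 * authenticates before branching. Returns 1 if control would reach the
 * original target, 0 if the corruption would be caught. */
int protected_return(uint64_t saved_lr_on_stack, uint64_t sp, uint64_t *target) {
    return pac_auth(saved_lr_on_stack, sp, target);
}

int main(void) {
    uint64_t ret_addr = 0x0000000100004a20ULL;  /* constructed code address */
    uint64_t sp       = 0x000000016fdff3a0ULL;  /* constructed stack pointer */
    uint64_t target;

    uint64_t on_stack = pac_sign(ret_addr, sp);
    printf("signed LR:  %016llx\n", (unsigned long long)on_stack);
    printf("legit:      %d\n", protected_return(on_stack, sp, &target));

    /* A memory-corruption bug overwrites one bit of the saved LR. */
    uint64_t corrupted = on_stack ^ 0x0000000000000100ULL;
    printf("corrupted:  %d (target %016llx)\n",
           protected_return(corrupted, sp, &target), (unsigned long long)target);

    /* The same signed value replayed into a different frame (different SP). */
    printf("replayed:   %d\n", protected_return(on_stack, sp + 0x40, &target));

    /* Only 1 << PAC_BITS distinct tags exist. The defence rests on a wrong
     * guess being detectable only through a crash; the article's point is
     * that a hardware side channel answers that question silently. */
    printf("tag space:  %llu\n", 1ULL << PAC_BITS);
    return 0;
}
```

The three cases in `main` are the ones the text describes: a correctly signed return address authenticates and is stripped back to a usable pointer; a corrupted one fails and is poisoned so a dereference faults; and a signed value replayed in a different frame fails because the PAC was bound to the original stack pointer. Because this toy PAC is linear in the pointer, any single-bit corruption is guaranteed to invalidate it, which is why the tampering case is deterministic here.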
Because pointer authentication is often used to ensure the integrity of an operating system (OS) kernel, and MIT’s researchers showed PACMAN could successfully compromise that security, the exploit could have profound implications for the security of the very core of an OS.
“Massive implications for future security work on all ARM systems with pointer authentication enabled. Future CPU designers should take care to consider this attack when building the secure systems of tomorrow,” says Ravichandran. “Developers should take care to not solely rely on pointer authentication to protect their software.”
The researchers point out that PACMAN doesn’t bypass all of the M1’s security features. It simply takes a bug that pointer authentication would otherwise protect against and opens the door for it to achieve its full potential.
“The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system. We’ve shown that pointer authentication as a last line of defense isn’t as absolute as we once thought it was,” adds Ravichandran. “When pointer authentication was introduced, a whole category of bugs suddenly became a lot harder to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be a lot larger.”
Apple provided the following statement to TechCrunch in the aftermath of the report:
“We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques. Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.”
While the threat may not be grave, here’s to hoping Apple addresses it in upcoming M-series chips.