MIT researchers have discovered a flaw in a security system built directly into Apple’s M1 processor. Without constituting an immediate risk, it is quite serious because it cannot be corrected by a software update.
No sooner had the new M2 processor been announced than researchers discovered a flaw in (MIT) in the United States published an article in which they unveiled a flaw dubbed “Pacman”, which manages to bypass the last line of defense of the processor.which equips in particular . A team from
One of the security measures implemented in the processoris called point authentication code ( ) or pointer authentication code, a cryptographic signature that confirms that a program has not been tampered with. The PAC is intended to protect against memory-level code injections and buffer overflows.
A security system also planned on other ARM processors
The researchers managed to create an attack that manages to guess this code through speculative execution. It even works against the system kernel. They haven’t tested the new M2 processor, but this also uses thepointer authentication. This security measure is also provided for in with ARM architecture, in particular those and Samsung, used in the majority of . The flaw could therefore have important ramifications in the future.
This breach being located at the hardware level, it is impossible to correct by a software update. Nevertheless,wants to be reassuring. PACs are an additional line of defense to prevent the exploitation of certain vulnerabilities. Any attack targeting Pacman will therefore first have to find another system flaw to be effective. Devices with M1 chips are therefore not in danger, at least for now, provided you keep your device up to date.