Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

"Augury" vulnerability discovered in Apple silicon and mobile chips

P

pshufd

macrumors G4
Original poster
Oct 24, 2013
10,149
14,573
New Hampshire
Researchers recently published a paper detailing a vulnerability they are calling Augury that affects Apple's M1, M1 Max, and A14 processors. It might also reach older A-series chips and newer M1 relatives.

Augury comes from Apple silicon's use of a Data Memory-Dependent Prefetcher (DMP) which is an optimization that accounts for the content of previous memory prefetches. That method provides a clue as to the memory's contents, making it possible to leak them.

www.techspot.com

"Augury" vulnerability discovered in Apple silicon and mobile chips

Researchers recently published a paper detailing a vulnerability they are calling Augury that affects Apple's M1, M1 Max, and A14 processors. It might also reach older A-series...
www.techspot.com www.techspot.com

There are several articles out about this. I'd guess that Apple will fix it pretty fast or that it has already been fixed.
 
  • Wow
Reactions: sorgo †
L

leman

macrumors Core
Oct 14, 2008
19,521
19,677
Doubt that Apple will fix it. It’s basically another variant of Spectre. Sounds scary, but almost impossible to exploit in practice. There are still no Spectre exploits in the wild even though all CPUs have been vulnerable for years.
 
  • Like
Reactions: satcomer, Colstan, Tagbert and 3 others
Andropov

Andropov

macrumors 6502a
May 3, 2012
746
990
Spain
leman said:
Doubt that Apple will fix it. It’s basically another variant of Spectre. Sounds scary, but almost impossible to exploit in practice. There are still no Spectre exploits in the wild even though all CPUs have been vulnerable for years.
Click to expand...
Seems even less scary than Spectre. The paper mentions some limitations of the method. It exploits pointer dereference prefetching behaviour, but to actually leak any data, the target memory addresses must:
  • Be a valid pointer (the upper 57 bits must be a valid memory address).
  • The address in those upper 57 bits must be within the 0x000000000 to 0x280000000 range (this means that only works on userspace memory, and not even all userspace memory).
  • Be within a maximum distance from previously fetched addresses.
  • Be 8-byte aligned.
Some extra limitations:
  • Firestorm cores only (different prefetching behaviour on Icestorm).
  • The lower 8 bits of the target memory address cannot be leaked, and, since the addresses must be 8-byte aligned for the prefetching to happen, it's not possible to run a 'sliding window' to retrieve those 8 bits by shifting the target address by 8 bits. Those lower bits are apparently safe from this vulnerability.
 
Last edited:
  • Like
Reactions: Colstan, ahurst, Tagbert and 3 others
jav6454

jav6454

macrumors Core
Nov 14, 2007
22,303
6,264
1 Geostationary Tower Plaza
Andropov said:
Seems even less scary than Spectre. The paper mentions some limitations of the method. It exploits pointer dereference prefetching behaviour, but to actually leak any data, the target memory addresses must:
  • Be a valid pointer (the upper 57 bits must be a valid memory address).
  • The address in those upper 57 bits must be within the 0x000000000 to 0x280000000 range (this means that only works on userspace memory, and not even all userspace memory).
  • Be within a maximum distance from previously fetched addresses.
  • Be 8-byte aligned.
Some extra limitations:
  • Firestorm cores only (different prefetching behaviour on Icestorm).
  • The lower 8 bits of the target memory address cannot be leaked, and, since the addresses must be 8-byte aligned for the prefetching to happen, it's not possible to run a 'sliding window' to retrieve those 8 bits by shifting the target address by 8 bits. Those lower bits are apparently safe from this vulnerability.
Click to expand...
So in other words, it is even harder to exploit. Even if it was, the hacker would have to know where specifically in memory is the data they want to gain direct access and within only a certain range of memory addresses.
 
  • Like
Reactions: Colstan and Tagbert
Colstan

Colstan

macrumors 6502
Jul 30, 2020
330
711
So, this exploit makes for an interesting research paper that grabs headlines, but there are far easier, less time consuming, and much simpler ways to hack into a system?

security.png
 
  • Wow
  • Like
Reactions: Apple Knowledge Navigator and Andropov
B

BootsWalking

macrumors 68020
Feb 1, 2014
2,274
14,232
Andropov said:
Seems even less scary than Spectre. The paper mentions some limitations of the method. It exploits pointer dereference prefetching behaviour, but to actually leak any data, the target memory addresses must:
  • Be a valid pointer (the upper 57 bits must be a valid memory address).
  • The address in those upper 57 bits must be within the 0x000000000 to 0x280000000 range (this means that only works on userspace memory, and not even all userspace memory).
  • Be within a maximum distance from previously fetched addresses.
  • Be 8-byte aligned.
Some extra limitations:
  • Firestorm cores only (different prefetching behaviour on Icestorm).
  • The lower 8 bits of the target memory address cannot be leaked, and, since the addresses must be 8-byte aligned for the prefetching to happen, it's not possible to run a 'sliding window' to retrieve those 8 bits by shifting the target address by 8 bits. Those lower bits are apparently safe from this vulnerability.
Click to expand...
Few points. First, this isn't limited to user space. They found the M1's DMP would not speculatively prefetch between 0x280000000 and 0xffff3f2b0000 but based on some M1-based kernel panics I found online the kernel uses addresses above this range (first response marked "helpful" in this thread).

Second, most/all pointers will be 8-byte aligned as a compiler optimization, so that's not a significant limitation.

Also, there are serious vulnerabilities brought up in the paper. For example, the ability to break ASLR more easily since valid/invalid virtual address pointers can be trivially induced.

Speaking more generally, the fact that by nature DMP is speculatively prefetching based on data contents rather than just addresses opens up a pandora box of exploits, too many for the papers' authors to even imagine and consider. It doesn't help that the M1 doesn't seem to employ any observable mitigation such as instruction-pointer tagging. To devise such a broad-based speculative prefetcher in the era of known Spectre-type side-channel exploits without significant preventative mitigations (as far as we're aware today, which is admittedly early) is shocking to me.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom