You can now find Cyber Kendra on Google News | Telegram

Pacman Attacks: Researchers Discovered Vulnerability in Apple M1

Pacman - A new hardware vulnerability in the Apple M1 chip

PACMAN Vulnerability

The Apple M1 is fast and extremely power efficient, but like all processors, it's not bulletproof. Researchers from the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a new hardware vulnerability in Apple's M1 series chips using a new PACMAN technique to steal data.

The chip is protected by several levels of security, the last one is called PAC. Pointer Authentication is a security feature that helps protect the processor from an intruder who has accessed memory. Pointers store memory addresses, and the Pointer Authentication Code (PAC) checks for unexpected pointer changes caused by an attack. 

PACMAN is an attack that can find the correct value to successfully authenticate the pointer so that the hacker can continue gaining access to the computer.

The researchers claim that the attack potentially allows access to the main kernel of the operating system, which gives attackers complete control over the system through a combination of software and hardware attacks.

According to the researchers, the exploit does not require physical access to the machine, so the vulnerability can be exploited remotely. It is claimed that the M1 hardware vulnerabilities cannot be fixed by software, so the vulnerability affects all existing and future devices based on the M1 chip and other ARM architectures.

"Any chip that uses speculative execution to evaluate and operate on signed pointer authentication pointers (and willingly handle nested mispredictions) could potentially be vulnerable to PACMAN," said Joseph Ravichandran, a researcher at the MIT team. This means it may affect chips from other Arm manufacturers that support pointer authentication, such as Qualcomm and Samsung, but these chips have not yet been tested.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.