Researchers have discovered a vulnerability, dubbed ‘GoFetch’, in Apple’s M-series chips that allows attackers to extract secret encryption keys. The flaw is unpatchable because it stems from the microarchitectural design of the silicon itself. It can be exploited when the targeted cryptographic operation and a malicious application with normal user privileges run on the same CPU cluster. The vulnerability resides in the chips’ data memory-dependent prefetcher (DMP), a hardware optimization feature. The discovery exposes a previously overlooked behavior of DMPs in Apple silicon that violates the constant-time paradigm. Apple has yet to provide a solution.
Read more: arstechnica.com