M1RACLES (CVE-2021-30747) on Apple M1 silicon

By: Gionatan Danti (g.danti.delete@this.assyoma.it), May 29, 2021 2:49 am
Room: Moderated Discussions
From here:

"A flaw in the design of the Apple Silicon "M1" chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange. The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision."

It seems that any two processes should "agree" to use this covert channel.
Any thoughts?
 Next Post in Thread >
TopicPosted ByDate
M1RACLES (CVE-2021-30747) on Apple M1 siliconGionatan Danti2021/05/29 02:49 AM
  M1RACLES (CVE-2021-30747) on Apple M1 siliconFoo_2021/05/29 02:59 AM
    M1RACLES (CVE-2021-30747) on Apple M1 silicondmcq2021/05/29 05:25 AM
      M1RACLES (CVE-2021-30747) on Apple M1 siliconDoug S2021/05/29 08:02 AM
        M1RACLES (CVE-2021-30747) on Apple M1 siliconwumpus2021/05/29 12:15 PM
          what does S3_5_C15_C10_1 do? why is the CVE score so high?anonymou52021/05/29 02:09 PM
            what does S3_5_C15_C10_1 do? why is the CVE score so high?Doug S2021/05/30 08:35 AM
              what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high?anonymou52021/05/30 02:34 PM
                what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high?Rayla2021/05/30 02:59 PM
                  what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high?anonymou52021/05/30 11:41 PM
            what does S3_5_C15_C10_1 do? why is the CVE score so high?Rayla2021/05/30 01:23 PM
  It does not sound like a flow at all (NT)Michael S2021/05/29 09:40 AM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell tangerine? 🍊