By: Gionatan Danti (g.danti.delete@this.assyoma.it), May 29, 2021 2:49 am
Room: Moderated Discussions
From here:
"A flaw in the design of the Apple Silicon "M1" chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange. The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision."
It seems that any two processes should "agree" to use this covert channel.
Any thoughts?
"A flaw in the design of the Apple Silicon "M1" chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange. The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision."
It seems that any two processes should "agree" to use this covert channel.
Any thoughts?
Topic | Posted By | Date |
---|---|---|
M1RACLES (CVE-2021-30747) on Apple M1 silicon | Gionatan Danti | 2021/05/29 02:49 AM |
M1RACLES (CVE-2021-30747) on Apple M1 silicon | Foo_ | 2021/05/29 02:59 AM |
M1RACLES (CVE-2021-30747) on Apple M1 silicon | dmcq | 2021/05/29 05:25 AM |
M1RACLES (CVE-2021-30747) on Apple M1 silicon | Doug S | 2021/05/29 08:02 AM |
M1RACLES (CVE-2021-30747) on Apple M1 silicon | wumpus | 2021/05/29 12:15 PM |
what does S3_5_C15_C10_1 do? why is the CVE score so high? | anonymou5 | 2021/05/29 02:09 PM |
what does S3_5_C15_C10_1 do? why is the CVE score so high? | Doug S | 2021/05/30 08:35 AM |
what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high? | anonymou5 | 2021/05/30 02:34 PM |
what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high? | Rayla | 2021/05/30 02:59 PM |
what does S3_5_C15_C10_1 do? why is the temporary CVSS score so high? | anonymou5 | 2021/05/30 11:41 PM |
what does S3_5_C15_C10_1 do? why is the CVE score so high? | Rayla | 2021/05/30 01:23 PM |
It does not sound like a flow at all (NT) | Michael S | 2021/05/29 09:40 AM |