MIT researchers find new hardware vulnerability in the Apple M1 chip

Researchers from MIT’s Computer Science & Artificial Intelligence Laboratory have found a vulnerability affecting Apple’s much-heralded M1 chip.

Joseph Ravichandran, Weon Taek Na, Jay Lang and Mengjia Yan from MIT released a report on Friday illustrating their ability to create a novel hardware attack that shows the Pointer Authentication Code (PAC) – the last line of defense against typical software vulnerabilities – “can be defeated without leaving a trace.”

The researchers found that it's possible to "guess" a value for the PAC and reveal whether the guess was correct or not via a hardware side channel. Since their attack uses a hardware mechanism, no software patch can ever fix it, they said. 

The PAC is designed to stop bugs that typically would compromise a system or leak private information. But the researchers said they developed a hardware attack they named “PACMAN.”

“The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system. We've shown that pointer authentication as a last line of defense isn't as absolute as we once thought it was,” Ravichandran said.

“When pointer authentication was introduced, a whole category of bugs suddenly became a lot harder to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be a lot larger.” 

Ravichandran said the team behind the paper on the issue wanted to see what would happen if they combined hardware and software attacks, which are typically separate. Their research into PAC is funded in part by the Air Force Office of Scientific Research and National Science Foundation.

Software threats typically range from phishing attempts, malware, denial-of-service and more while hardware attacks cover things like Spectre and Meltdown, security vulnerabilities discovered in January 2018 that manipulate microarchitectural structures to steal data from iPhones, iPads and other devices. 

MIT Professor and author Mengjia Yan said researchers have come up with ways to mitigate software vulnerabilities with using various innovative techniques such as ARM pointer authentication. 

“Our work provides insight into how software vulnerabilities that continue to exist as important mitigation methods can be bypassed via hardware attacks,” Yan explained. “It’s a new way to look at this very long-lasting security threat model. Many other mitigation mechanisms exist that are not well studied under this new compounding threat model, so we consider the PACMAN attack as a starting point. We hope PACMAN can inspire more work in this research direction in the community.”

Ravichandran added that PACMAN represents “a new way of thinking about how threat models converge in the Spectre era.”

The researchers noted that PACMAN can only take an existing bug that pointer authentication protects against, and unleash that bug's true potential for use in an attack by finding the correct PAC.

In a lengthy paper on PACMAN, the researchers explained that the PAC is designed to protect the most privileged part of a system: the core operating system kernel. 

Someone with control over the kernel can effectively do whatever they'd like on a device, according to the MIT researchers. 

Ravichandran said future CPU designers should consider this attack when building future systems and “take care to not solely rely on pointer authentication to protect their software." 

In a statement to The Record, an Apple spokesperson said they have “concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.”

“We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques,” the spokesperson said. 

An MIT spokesperson said that while it does not pose an immediate risk, the proof of concept is illustrative of the problem.