Security researchers have found a new vulnerability in Apple’s processors. This ‘Augury’ leak could potentially read the entire memory of iPhones, iPads and Mac computers. It has already been confirmed to work on the Apple A14 (from the iPhone 12 series, among others), M1 and M1 Max.
Augusty uses Data Memory Linked Prefetcher (dmp) In Apple’s chips, it can request data from memory before it is needed. In this sense, the Augury vulnerability is similar to Specter, which also relies on this kind of foundation. speculative execution† However, the Apple bug is potentially more serious, as items may be taken from full memory – not all data requested by the prefetcher.
A team of seven researchers working for the Universities of Illinois Urbana-Champaign, Tel Aviv, and Washington discovered the vulnerability. They suspect that older Apple A-series and other M1 models are also susceptible to Augury, but have yet to test it. AMD and Intel chips do not seem to be affected by this vulnerability.
The researchers note that Augury does not yet pose a major security risk because practical ways to implement the vulnerability have yet to be discovered. However, they suspect that Augury-based attacks could occur in the future, and it’s problematic.
The team reported the details of the bug to Apple. As far as we know, there is no patch for Augury yet.
Sources: Prefetchers, Tom’s Hardware
Source: Hardware Info
