A new hardware vulnerability found in the Apple M1 chip

It shows that pointer authentication can be defeated without even leaving a trace.

Apple’s M1 chip was the first Apple-designed System on a Chip (SoC) developed for use in Macs. Pointer authentication is a function on the M1 chip that acts as the last line of defense against common software vulnerabilities. Bugs that could typically exploit a system or expose confidential information are halted dead in their tracks when pointer authentication is enabled.

Yet despite the chip’s potency, there’s been no shortage of vulnerability grievances, as fears of sensitive data and personal information leaks abound. More recently, the chip was found to have an ‘unpatchable’ hardware vulnerability.

Scientists from MIT‘s CSAIL (Computer Science and Artificial Intelligence Laboratory) have discovered a flaw: Their PACMAN hardware attack demonstrates how pointer authentication may be evaded without leaving a trace. Furthermore, because PACMAN is based on a hardware mechanism, no software patch will ever be able to solve it.

A pointer authentication code, or PAC, is a signature that verifies that the program’s state hasn’t been changed maliciously. The PACMAN attack begins. Scientists demonstrated that a hardware side-channel might be used to guess a PAC value and then reveal whether the guess is valid or not. They discovered that because the PAC has only a limited number of possible values, it is possible to attempt all of them to find the correct one. Most crucially, the attack is undetectable because the estimates are all made on the fly.

Joseph Ravichandran, an MIT graduate student in electrical engineering and computer science, CSAIL affiliate, said, “The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system. We’ve shown that pointer authentication as a last line of defense isn’t as absolute as we once thought it was. When pointer authentication was introduced, a whole category of bugs suddenly became much harder to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be much larger.”

The team showed that the PACMAN attack works against the kernel, which has massive implications for future security work on all ARM systems with pointer authentication enabled.

Ravichandran said, “Future CPU designers should consider this attack when building the security systems of tomorrow. Developers should take care to not solely rely on pointer authentication to protect their software.”

Mengjia Yan, the Homer A. Burnell Career Development Professor, assistant professor in the MIT Department of Electrical Engineering and Computer Science (EECS), CSAIL affiliate, and senior author on the team’s paper, said, “Software vulnerabilities have existed for roughly 30 years now. Researchers have devised ways to mitigate them using various innovative techniques, such as ARM pointer authentication, which we are attacking now. Our work provides insight into how software vulnerabilities that remain important mitigation methods can be bypassed via hardware attacks. It’s a new way to look at this long-lasting security threat model. Many other mitigation mechanisms exist that are not well studied under this new compounding threat model, so we consider the PACMAN attack as a starting point. We hope PACMAN can inspire more work in this research direction in the community.”

Scientists will present their work at the International Symposium on Computer Architecture on June 18. Ravichandran and Yan wrote the paper alongside co-first author Weon Taek Na, an EECS student at CSAIL, and MIT undergraduate Jay Lang.

Journal Reference:

  1. Joseph Ravichandran, Weon Taek Na∗, Jay Lang. PACMAN: Attacking ARM Pointer Authentication with Speculative Execution. DOI: 10.1145/3470496.3527429

Latest Updates

Trending