Apple’s M1 chip contains “unfixable” hardware flaw, researcher claims

News
By Keumars Afifi-Sabet
published

The bug, which cannot be easily exploited, is more likely to be abused by advertising companies than cyber criminals

A partially-closed Macbook displaying a range of colours
(Image credit: Shutterstock)

A flaw has been discovered in the design of Apple's flagship M1 CPU that allows any two applications under an operating system (OS) to covertly exchange data between them without using memory, sockets, files, or other regular channels.

The vulnerability, which is baked into the hardware, facilitates communication between processes running as different users and under different privilege levels, creating covert channels for data exchange.

Apple Mac mini (Apple M1, 2020) review: A miniature marvel Apple unveils M1-powered iPad Pro and iMac at April 2021 event M1 Mac mini users suffering Bluetooth connectivity problems

It's being tracked as CVE-2021-30747 and was dubbed M1racles by the researcher who discovered it, Hector Martin. Because the flaw is embedded in the silicon, it cannot be fixed without changing the chip technology.

This flaw is among the first hardware-embedded issues known to affect the M1 chip, after it was introduced into machines last year. It cannot be easily exploited and doesn't represent a major threat to users, however.

Malware cannot exploit this vulnerability to infect machines, or take over computers, but it does give malware strains already installed on devices additional capabilities, given the data exchange nature of the bug.

"If you already have malware on your computer, that malware can communicate with other malware on your computer in an unexpected way," Martin said. "Chances are it could communicate in plenty of expected ways anyway.

RELATED RESOURCE

How to increase cyber resilience within your organisation

Cyber resilience for dummies

FREE DOWNLOAD

"Honestly, I would expect advertising companies to try to abuse this kind of thing for cross-app tracking, more than criminals. Apple could catch them if they tried, though, for App Store apps."

Martin added that nobody's likely to find a nefarious use for the vulnerability in practical circumstances, but the flaw does violate the OS security model. Users aren't supposed to be able to send data between processes in secret, and they aren't supposed to be able to write to random CPU system registers, either.

Virtual machines (VMs) aren't affected by the flaw, and the only mitigation, therefore, is running the entire OS as a VM. Martin added, however, that this isn't practical given it has a major performance impact.

The researcher disclosed the flaw 90 days after initially notifying Apple. Although Apple has acknowledged the flaw, it's unclear whether a fix is planned for future generations of its custom CPU.

Keumars Afifi-Sabet
Keumars Afifi-Sabet
Features Editor

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.