Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

Apple's Arm-based M1 chip, much ballyhooed for its performance, contains a design flaw that can be exploited to allow different processes to communicate with one another, in violation of operating system security principles.
M1RACLES, as the bug has been called, doesn't pose a major security risk because information leakage is already possible through a variety of other side channels. It does, however, add another way for existing malware on affected hardware to conduct covert communication.
The flaw arises from the fact that the ARM system register encoded as s3_5_c15_c10_1 contains two bits that can be read and written at EL0 (Exception Level 0, application-level privilege) from all cores simultaneously. In a secure system, cross-process chatter is restricted to keep secrets from ..