New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
Briefly

A research team from Georgia Institute of Technology and Ruhr University Bochum has unveiled two serious side-channel vulnerabilities in Apple silicon, dubbed SLAP and FLOP. These exploits target speculative execution, a method used by modern CPUs to enhance performance by guessing which instructions to execute. The attacks demonstrate that speculative execution can leave behind potentially exploitable traces, enabling sensitive data to be leaked from web browsers like Safari and Chrome. Apple was informed of these vulnerabilities in 2024 and was previously notified about similar attacks, highlighting growing concerns around silicon security.
"In SLAP and FLOP, we demonstrate that recent Apple CPUs go beyond this, not only predicting the control flow the CPU should take, but also the data flow the CPU should operate on if data are not readily available from the memory subsystem."
"Unlike Spectre, mispredictions on data flow do not directly result in the CPU speculatively executing the wrong instructions. Instead, they result in the CPU executing arbitrary instructions on the wrong data."
Read at The Hacker News