GoFetch security exploit can’t be disabled on M1 and M2 Apple chips

March 25, 2024 at 10:36AM

Researchers have delved further into the GoFetch vulnerability affecting Apple M-series and Intel Raptor Lake CPUs. By abusing data memory-dependent prefetchers, the exploit leaks data held in the core's cache, giving attackers a way to reach it. While patches are possible for M3 and Raptor Lake CPUs, the M1 and M2 chips are harder to address because of the inherent nature of the vulnerability.

The GoFetch vulnerability affects Apple M-series and Intel Raptor Lake CPUs by exploiting data memory-dependent prefetchers (DMPs), which can potentially leak sensitive data from the core's cache. The vulnerability is similar to speculative execution vulnerabilities like Spectre, and it poses a significant security risk.

For M3 and Raptor Lake CPUs, a software patch can solve the issue by disabling the DMP. However, for M1 and M2 chips, the researchers mentioned that disabling the DMP is not possible. They suggested a potential workaround for M-series CPUs: running cryptographic work solely on the Icestorm cores, which are less vulnerable.

Furthermore, it was noted that if future M-series processors enable DMP in their efficiency cores, it could expose sensitive data. The researchers emphasized the importance of Apple addressing this vulnerability in future CPU generations.
