MIT describes Pacman attack that bypasses Arm-soc memory protection

Security researchers at MIT have discovered a hardware vulnerability in a security mechanism of Arm chips such as Apple’s M1-soc. They describe how it can be exploited in an attack to bypass memory protection.

The researchers at the MIT Computer Science & Artificial Intelligence Laboratory describe in a paper how they succeeded in creating the so-called bypass pointer authentication of Arm chips using speculative execution. They demonstrate their findings with an attack on the memory protection of an Apple M1 soc. The researcher reports this to The Register chosen for the M1 because this is the first desktop processor with Arm Pointer Authentication.

This security technique has been present in the chip architecture since 2017 with the arrival of Armv8.3. There is a good chance that other Arm socks such as those from Qualcomm and Samsung are also vulnerable. A pointer refers to memory addresses and manipulation allows potentially sensitive data to be retrieved and code to be executed. Cryptographic signatures called pointer authentication codes, or PACs, are designed to prevent manipulation.

The MIT researchers used a side-channel attack to find out the results of the PAC verification. In doing so, they used the speculative execution engine to “guess” values. Processors use speculative execution to have the outcome of calculations ready before they are actually needed, in order to speed up the final processing. This property was also used for attacks in Specter and Meltdown.

To perform a Pacman attack, a pre-existing software vulnerability is required, which limits the impact somewhat. Once executed, it is possible to execute code at the kernel level and completely take over a system, the researchers said. They will be demonstrating their attack at the International Symposium on Computer Architecture in New York, which begins June 18.