Apple CPU Side-Channel Attacks (SLAP & FLOP) Threaten Safari Browser Security

New Apple CPU side-channel attacks, dubbed SLAP and FLOP, exploit flaws in speculative execution to steal data from web browsers. Researchers demonstrated the attacks' ability to bypass security measures and access sensitive information remotely.

Security researchers have uncovered significant vulnerabilities in Apple’s CPUs, leading to new side-channel attacks capable of stealing sensitive data directly from web browsers. These attacks, termed SLAP and FLOP, exploit weaknesses in the implementation of speculative execution, a technique designed to speed up processing.

Researchers from the Georgia Institute of Technology and Ruhr University Bochum detailed their findings in two separate papers. Their October 2023 ‘iLeakage’ attack foreshadowed these latest discoveries, but SLAP and FLOP are distinct flaws with their own exploitation methods.

“Starting with the M2/A15 generation, Apple CPUs attempt to predict the next memory address that will be accessed by the core,” the researchers explained.

“Moreover, starting with the M3/A17 generation, they attempt to predict the data value that will be returned from memory. However, mispredictions in these mechanisms can result in arbitrary computations being performed on out-of-bounds data or wrong data values.”

These mispredictions have serious security implications. The researchers demonstrated the ability to bypass web browser sandboxing and access cross-origin personally identifiable information on Safari and Chrome. The attacks are executed remotely via malicious websites containing JavaScript or WebAssembly code.

The researchers responsibly disclosed the vulnerabilities to Apple on March 24, 2024 (SLAP) and September 3, 2024 (FLOP).

Apple acknowledged the proof-of-concept and stated it plans to address the issues; however, at the time of writing, patches remain unavailable.

“We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats,” Apple said. “Based on our analysis, we do not believe this issue poses an immediate risk to our users.”

SLAP & FLOP Side-Channel Attacks

FLOP (False Load Output Prediction)

FLOP affects Apple’s M3, M4, and A17 processors. It exploits the CPU’s prediction of both memory addresses and data values: when a prediction is wrong, the CPU transiently computes on the wrong data, and that transient computation can leak it.

The researchers demonstrated this by training the M3 CPU to mispredict and then using cache-timing measurements to extract the data touched during the mispredicted execution. They recovered data from Proton Mail, Google Maps, and iCloud Calendar, demonstrating the severity of the attack.

SLAP (Speculative Load Address Prediction)

SLAP affects Apple’s M2 and A15 processors and many later models. Unlike FLOP, it targets the prediction of the next memory address to be loaded (Load Address Prediction, or LAP).

Attackers can manipulate the CPU’s address predictions so that it speculatively reads secret data, then use cache timing to recover that data before the CPU corrects its mistake. The researchers demonstrated the ability to steal data from Gmail, Amazon, and Reddit.

SLAP and FLOP are particularly concerning because they can be executed remotely: a victim only needs to visit a malicious website, and no malware installation is required. The attacks bypass browser sandboxing, ASLR, and traditional memory protections.

Until Apple releases security updates, disabling JavaScript in Safari and Chrome is a possible mitigation, although this will break many websites.
