March 25th – A new security vulnerability called “GoFetch” has been discovered. It affects Apple’s M1, M2 and M3 processors. The vulnerability can be exploited to steal secret cryptographic keys stored in the CPU’s cache memory.
The attack leverages a feature called data memory-dependent prefetchers (DMPs), which are present in modern Apple CPUs. DMPs are designed to improve performance by predicting and obtaining data that the CPU may need in the future.
However, researchers have found that DMPs can be manipulated to leak information about secret cryptographic keys used in various algorithms, like Go RSA, OpenSSL Diffie-Hellman, Dilithium and others.
GoFetch vulnerability
This vulnerability was discovered by a team of seven researchers who hail from a variety of universities in the U.S. The researchers initially reported their findings to Apple in early December.
Since this is a hardware-based vulnerability, it cannot be fixed via software updates for affected CPUs. While software mitigations are possible, they could result in a performance drop for cryptographic functions on these CPUs.
Potential defenses
As for what Apple owners should do, the researchers suggest some potential defenses.
1. Disabling DMP: This removes the prefetching behavior exploited by GoFetch. However, doing so is only possible on the M3 chip, not the M1 or M2.
2. Input blinding and DMP activation masking: These techniques obfuscate the results of the attacker’s input on the DMP level, making it harder to exploit.
Apple could introduce software mitigations through macOS updates, but these would likely impact performance, similar to previous software fixes for side-channel attacks.
Other details
The GoFetch attack can be executed remotely if the attacker can run code on the target machine. For example, via malware infection.
More on this story can be found here. Lastly, subscribe to the CyberTalk.org newsletter for timely insights, cutting-edge analyses and more, delivered straight to your inbox each week.