
New Security Flaws in Apple Chips Could Expose Sensitive Browser Data

SLAP and FLOP are new speculative execution vulnerabilities in Apple Silicon.

FLOP and SLAP vulnerabilities

Security researchers from Georgia Tech and Ruhr University Bochum have uncovered two significant vulnerabilities in Apple's latest processors that could allow attackers to steal sensitive data through web browsers. 

The vulnerabilities, named FLOP (False Load Output Prediction) and SLAP (Speculative Load Address Prediction), exploit performance optimization features in Apple's recent processor designs to leak confidential information.

The vulnerabilities affect Apple's M-series and A-series chips, including the M2, M3, M4, and A15 to A17 Pro processors, which have shipped in every Apple device since 2021.

FLOP: A New Vector for Data Theft

The FLOP vulnerability affects Apple's newest processors, the M3, M4, and A17 Pro. The researchers discovered that these chips implement a Load Value Predictor (LVP), which guesses the value a load will return before the data actually arrives from memory. While this feature aims to improve performance, it creates a security risk when a prediction is wrong: the processor keeps executing speculatively on the guessed value, and the effects of that computation can be observed before the misprediction is rolled back.

"We identify that recent Apple M- and A-series processors implement a load value predictor (LVP), an optimization that predicts the contents of memory that the processor loads before the contents are actually available," the researchers explain in their paper [PDF]. 

The team demonstrated that FLOP could be weaponized to access sensitive data in Safari, successfully extracting email contents from Gmail, location history from Google Maps, and calendar events from iCloud. The attack requires just "250 training loads to train the LVP with enough confidence for reliable mispredictions," creating a significant exploitation window.

SLAP: Predicting and Exploiting Memory Access

The second vulnerability, SLAP (Speculative Load Address Prediction), exploits another performance feature called the Load Address Predictor (LAP).

The researchers exploit the LAP, which attempts to predict which memory address a load will access next. When these predictions are incorrect, the processor speculatively reads from an address the program never intended to touch, and attackers can potentially recover sensitive data that should be off-limits.

The researchers also demonstrated SLAP's effectiveness by extracting cross-origin data from web browsers and breaking Address Space Layout Randomization (ASLR) on macOS. 

"The LAP can issue loads to addresses that have never been accessed architecturally and transiently forward the values to younger instructions in an unprecedentedly large window," the research team notes.

Real-World Impact

The researchers demonstrated several practical attacks using these vulnerabilities:

  • Extracting email contents and sender information from Gmail
  • Accessing location history from Google Maps
  • Reading private calendar events from iCloud
  • Stealing credit card information from Square's payment system
  • Retrieving browsing data from Amazon and Reddit

What makes these vulnerabilities particularly concerning is their ease of exploitation. An attacker only needs to trick a user into visiting a malicious webpage containing specially crafted JavaScript or WebAssembly code. No malware installation is required, and the attacks can bypass browser sandboxing and traditional memory protections.

Apple's Response

The researchers responsibly disclosed SLAP to Apple on March 24, 2024, followed by FLOP on September 3, 2024. Apple has acknowledged the vulnerabilities, stating, "Based on our analysis, we do not believe this issue poses an immediate risk to our users." However, no patches are currently available.

Until Apple releases security updates, users can reduce their exposure by disabling JavaScript in Safari and Chrome, though this will break functionality on many websites.

The researchers suggest that enabling the ARM processor's Data Independent Timing (DIT) feature could help mitigate these attacks, at the cost of a performance penalty of approximately 4.5% in browser workloads.

The researchers will present their complete findings at the 2025 IEEE Symposium on Security and Privacy, where they will detail the technical aspects of these vulnerabilities and propose potential hardware and software countermeasures for future processor designs.
