Two technical papers were published by researchers at Georgia Tech and Ruhr University Bochum detailing CPU side-channel attack vulnerabilities on Apple devices that could reveal confidential data.
“FLOP: Breaking the Apple M3 CPU via False Load Output Predictions” Authors: Jason Kim, Jalen Chuang, Daniel Genkin and Yuval Yarom, 2025.
“We present FLOP, another speculative execution attack that results from recent Apple CPUs predicting the outcome of data dependencies. Here, we demonstrate that Apple’s M3/A17 generation and newer CPUs are equipped with a Load Value Predictor (LVP). The LVP improves performance on data dependencies by guessing the data value that will be returned by the memory subsystem on the next access by the CPU core, before the value is actually available.
If the LVP guesses wrong, the CPU can perform arbitrary computations on incorrect data under speculative execution. This can cause critical checks in program logic for memory safety to be bypassed, opening attack surfaces for leaking secrets stored in memory. We demonstrate the LVP’s dangers by orchestrating these attacks on both the Safari and Chrome web browsers in the form of arbitrary memory read primitives, recovering location history, calendar events, and credit card information,” according to the researchers’ website.
Find the FLOP paper here.
“SLAP: Data Speculation Attacks via Load Address Prediction on Apple Silicon” Authors: Jason Kim, Daniel Genkin, Yuval Yarom, 2025.
“We present SLAP, a new speculative execution attack that arises from optimizing data dependencies, as opposed to control flow dependencies. More specifically, we show that Apple CPUs starting with the M2/A15 are equipped with a Load Address Predictor (LAP), which improves performance by guessing the next memory address the CPU will retrieve data from based on prior memory access patterns.
However, if the LAP guesses wrong, it causes the CPU to perform arbitrary computations on out-of-bounds data, which should never have been accessed to begin with, under speculative execution. Building on this observation, we demonstrate the real-world security risks of the LAP via an end-to-end attack on the Safari web browser where an unprivileged remote adversary can recover email content and browsing behavior,” according to the researchers’ website.
Find the SLAP paper here.
The researchers notified Apple about SLAP in May 2024 and FLOP in September 2024. Apple had not yet issued a security update as of Jan. 28, 2025, reports Bleeping Computer.