Apple silicon vunrebility implications: GoFetch

camp · June 30, 2024, 9:19pm

Apple’s M2, and M3 chips are pretty common. The vulnerability “GoFetch” is an un-patchable vulnerability that can leak cryptographic keys.

Has anyone seen any write ups on how this could be used in real world attacks? So far it hasn’t been exploited. I skimmed the article and it seems like this exploit could leak encryption keys used for SSLs, communications, etc.

Does this exploit require physical access to the device, or can it be accessed remotely?

Valynor · June 30, 2024, 9:29pm

This is all stuff that pretty much needs laboratory* conditions to work, at least for the foreseeable future.

*just the right apps on just the right cores with just the right OS settings and nothing else interfering. As a normal user you don’t really have to worry about this until they manage to forge this into an exploit that can run from a website (which is extremely difficult)

Topic		Replies	Views
Unpatchable vulnerability in Apple chip leaks secret encryption keys Privacy hardware , article	1	399	March 22, 2024
4-year campaign backdoored iPhones using possibly the most advanced exploit ever Privacy article	6	644	December 28, 2023
iLeakage Vulnerability Privacy	9	412	October 28, 2023
How can I have a computer without Intel ME? Questions	50	2214	June 15, 2024
Debunking fake stock Pixel OS vulnerability from an EDR company Privacy software	26	514	August 16, 2024

Apple silicon vunrebility implications: GoFetch

Related Topics