BleepingComputer reports that security researchers from the Georgia Institute of Technology and Ruhr University Bochum have identified two new side-channel vulnerabilities in Apple’s latest processors, named FLOP and SLAP.
The attacks exploit flaws in speculative execution, the same fundamental weakness that enabled attacks such as Spectre and Meltdown to remotely leak sensitive information from web browsers.
FLOP, or False Load Output Prediction, affects Apple’s latest M3, M4, and A17 chips, which attempt to predict memory values before accessing them. When incorrect predictions occur, attackers can extract data through cache timing analysis. Demonstrations showed FLOP could expose Safari user data, Proton Mail inbox details, Google Maps location history, and private iCloud Calendar events.
Meanwhile, SLAP, or Speculative Load Address Prediction, impacts M2 and A15 processors and several later models. It exploits the CPU’s predictive mechanism for memory addresses and like FLOP tricks it into leaking sensitive data. Researchers demonstrated that SLAP could retrieve Gmail inbox data, Amazon orders, and Reddit user activity.
Both attacks require no physical access and can be executed remotely through a malicious webpage using JavaScript or WebAssembly. Apple has acknowledged the vulnerabilities, but has not yet provided mitigations.