Techly NewsGet the app

Get the latest tech news

New speculative attacks on Apple CPUs


The SLAP and FLOP Address and Value Prediction Attacks

While cached copies of previously visited websites may be present in the web browser, it is difficult to automatically detect malicious code patterns that exploit hardware vulnerabilities. Here, we show that the LVP allows us to run a function with the wrong arguments (e.g., pointer instead of integer), again resulting in a type confusion based primitive for reading arbitrary memory addresses. On the other hand, FLOP is a speculative type confusion attack that causes the CPU to bypass integrity checks on data structures, resulting in memory read primitives from arbitrary addresses in Safari and Chrome.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Apple CPUs

Apple CPUs

Related news:

News photo

Oracle warns that macOS 14.4 update breaks Java on Apple CPUs

« This Xiaomi-PlayStation fitness tracker is a gimmick. I want more like it.
Heads up, Animal Crossing: Pocket Camp Complete will only be $10 for a couple more days »