• SLAP and FLOP security flaws affect all current Apple devices, and many older..

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » SLAP and FLOP security flaws affect all current Apple devices, and many older..

    Author
    Topic
    Alex5723
    AskWoody Plus
    January 29, 2025 at 11:08 am #2743775

    https://9to5mac.com/2025/01/29/slap-and-flop-security-flaws-affect-all-current-apple-devices-and-many-older-ones/

    Security researchers have discovered two flaws present in all current iPhones, iPads, and Macs – as well as many earlier ones. The vulnerabilities, known as SLAP and FLOP, could potentially allow an attacker to see the current contents of your open web tabs.

    The flaws were introduced in the A15 and M2 chips, and are also found in subsequent ones, up to and including the latest version of each device …..

    SLAP (Speculation Attacks via Load Address Prediction) and FLOP (False Load Output Predictions) were discovered by security researchers at the Georgia Institute of Technology. They work in the same way as Spectre and Meltdown..

    If an attacker can inject malformed data into these processes, then it can read memory content that shouldn’t be accessible…

    The researchers say there is no evidence that either vulnerability has yet been exploited in the wild…

    (Apple) Based on our analysis, we do not believe this issue poses an immediate risk to our users…

    * This are CPU bugs so maybe Apple will fix it with A19/M5 CPUs and older CPUs via firmware updates.

    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • Microfix
      AskWoody MVP
      January 30, 2025 at 12:35 pm #2744099

      From my understanding, FLOP impacts M3, M4 and A17 chips and SLAP affects M2, A15 or newer CPU’s..

      iThing users of Chrome or Safari browsers seem to be more at risk from FLOP whereas SLAP, exploits the system memory logic.
      By introducing firmware side channel mitigations, surely the system performance will suffer.?
      How financially convenient for ‘CPUertino’..it’s almost like it was pre-planned eh

      Windows - commercial by definition and now function...
      1 user thanked author for this post.
      Alex5723
      Reply | Quote
    • Alex5723
      AskWoody Plus
      January 30, 2025 at 1:15 pm #2744114
      Microfix wrote:

      it’s almost like it was pre-planned eh

      Just like Spectre and Meltdown were for Intel ?

      Reply | Quote
    Viewing 1 reply thread
    Reply To: SLAP and FLOP security flaws affect all current Apple devices, and many older..

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.