
Unveiling the GoFetch Vulnerability

April 5th 2024 3 Min read

GoFetch is a recently discovered hardware vulnerability in Apple Silicon that can lead to "leaky caches": CPU system cache data, such as cryptographic keys, can be stolen on the Apple M1, M2 and M3. It is unfixable at any software level.

This vulnerability exploits the data memory-dependent prefetchers (DMPs) in Apple's silicon chips. Attackers can use this side-channel attack to extract sensitive information by observing the prefetching behavior of the CPU. This makes it possible to retrieve cryptographic keys and other confidential data without leaving any trace.

The GoFetch attack is particularly concerning because it bypasses traditional security measures and cannot be mitigated through software patches. The only potential solution would be a hardware redesign, which is not feasible for existing devices.
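A toy Python model of the leak described above, added here as an illustration; it is not code from the original post or from the GoFetch researchers. The cache, the "pointer-like" address range and the `victim` routine are constructed assumptions, and the model only shows why code whose instructions and addresses do not depend on a secret can still change cache state once a DMP acts on data values.

```python
# Toy model (constructed): a cache plus a data memory-dependent prefetcher (DMP).
# Line size and address ranges are assumptions, not measured hardware parameters.
LINE = 64                        # cache line size in bytes (assumed)
HEAP = range(0x10000, 0x20000)   # values in this range "look like" pointers
MASK64 = 2**64 - 1

class ToyCPU:
    def __init__(self):
        self.mem = {}        # address -> 64-bit word
        self.cache = set()   # base addresses of cached lines

    def store(self, addr, value):
        self.mem[addr] = value & MASK64

    def load(self, addr):
        """Demand load: cache the line, then let the DMP inspect its contents."""
        base = addr - addr % LINE
        self.cache.add(base)
        for a in range(base, base + LINE, 8):
            word = self.mem.get(a, 0)
            if word in HEAP:                        # data resembles a pointer
                self.cache.add(word - word % LINE)  # DMP prefetches its target
        return self.mem.get(addr, 0)

def ct_select(bit, a, b):
    """Branch-free select: identical instructions and addresses for bit 0 or 1."""
    mask = -bit & MASK64
    return (a & mask) | (b & ~mask & MASK64)

def victim(cpu, secret_bit, supplied_value):
    """Constant-time routine: always writes and reads the same buffer address."""
    buf = 0x1000
    cpu.store(buf, ct_select(secret_bit, supplied_value, 0x5A5A5A5A))
    cpu.load(buf)

def probe_line_cached(secret_bit):
    """True if the DMP pulled the probe line into the cache during victim()."""
    cpu = ToyCPU()
    probe = 0x18000   # pointer-like value; the victim never dereferences it
    victim(cpu, secret_bit, probe)
    return probe in cpu.cache

if __name__ == "__main__":
    for bit in (0, 1):
        print(f"secret bit {bit}: probe line cached = {probe_line_cached(bit)}")
```

In the model the victim's access pattern is the same for both secret values, yet the cache ends up in a different state, which is the property that constant-time coding alone does not remove.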

References:

GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs).

Go's RSA-2048 Key Extraction on Apple M1 - gofetch[dot]fail

Bilakshan Purohit

Programming is not a passion, it's a dream.