M1ssing Register Access Controls Leak EL0 State
M1RACLES (CVE-2021-30747) is a covert channel vulnerability in the Apple Silicon “M1” chip.
This is a hardware silicon vulnerability 'baked' into the M1 (and A14) cpus, and no software mitigation is possible (save, possibly, running a VM on the bare metal and running your macOS or iOS in the VM, and losing performance). Lots of explanatory material in the article, and a proof of concept video, and a FAQ section.
It will be interesting if the M1X or M2 will have fixed the issue.
Fun times...
=TC