Apple M1 processor.Credit: AppleA bug in the design of the Apple Silicon M1 processor is baked in but how serious is it? The bug allows any two applications running under an OS to covertly exchange data between them, a report said (via The Register).The report goes on to say that the vulnerability is baked into Apple Silicon chips and cannot be fixed without a new silicon revision.Other highlights from Hector Martin, founder and project lead of Ashai Linux, who wrote about the bug include: How was this bug disclosed? I e-mailed product-security@apple.com. They acknowledged the vulnerability and assigned it CVE-2021-30747. I published this disclosure 90 days after the initial disclosure to Apple, Martin says.(All questions and quotes are excerpts from Martins post.)Should you be worried? Probably not.Are you affected?Probably...macOS users: At least versions 11.0 and onwards are affected. Can malware use this vulnerability to take over your computer?No. Can malware use this vulnerability to steal private information?No. So what's the real danger?If you already have malware on your computer, that malware can communicate with other malware on your computer in an unexpected way. Chances are it could communicate in plenty of expected ways anyway. But is this really dangerous?Really, nobody's going to actually find a nefarious use for this flaw in practical circumstances. Besides, there are already a million side channels you can use...on every system. Covert channels can't leak data from uncooperative apps or systems.Actually, that one's worth repeating: Covert channels are completely useless unless your system is already compromised. Summary: a note on errataAll chips have bugs, like the one described above, called errata but you typically dont hear about them. Occasionally, some make it into the news like Intels notorious Pentium FDIV bug. But generally they remain either uninteresting (i.e., not pernicious) or are handled by chipmakers without disclosing them to the public. See this very long list of errata (PDF) on an Intel processor as reference.If Martin hadnt uncovered this bug and written about it, you would be blissfully unaware of it. Just like other errata youve never heard about. Whether you should be aware of errata is another question.I queried Apple and Hector Martin. Apple had no comment. I have yet to hear back from Hector Martin.NOTES: *Full executive summary from report: A flaw in the design of the Apple Silicon M1 chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange.Comments can be sent via direct message to twitter.com/mbrookec