This vulnerability was discovered by developer Hector Martin and we say it cannot be fixed because similar to the Spectre flaw that plagued Intel’s processors, this vulnerability is on a hardware level which means that unless Apple were to recall and replace every M1 device out there, there’s nothing they can do to fix it.
This vulnerability, should it be exploited, would allow apps to covertly exchange data with each other, meaning that it could take place without the OS knowing. However, Martin does note that while this is a vulnerability, it’s one we shouldn’t be worried about. This is because at least at the moment, there doesn’t seem to be a nefarious use to this vulnerability.
Now we say that it might be a good thing for Apple that this vulnerability was discovered because it means that they can fix it. This is versus the company creating multiple generations of its Apple Silicon chipset and then finding out the problem 5-6 years later. We’re not sure if this will be fixed in time for the M1X/M2, so we’ll have to wait and see.