Ryzen, and Epyc: the vulnerability affects all current AMD processors

Ryzen, and Epyc: the vulnerability affects all current AMD processors

A new vulnerability that affects all AMD processors from the 2011 calendar year, including the most recent, Ryzen, and Epyc on the Basis of Zen, Zen+ Zen 2. It started with the Problem, but also with the architecture of Bulldozer and all of the solutions that are based on them.

Then, in August of 2019 at the latest, the AMD has been advised of the possibility of a gap to Take the Form” (PDF), in knowledge, and has not commented so far on the subject. The Problem is to be found in the irregular area in the L1 data cache that is two very different ways of attack will be revealed by the kind of prediction, if you are not familiar with the feature, according to the researchers. Because of the structure of the L1 has not changed from their Caches, for many years, more fundamentally, what is at stake for all CPU families from AMD, since the year of 2011.

We reverse-engineered AMD’s L1D cache, a way predictor in the
the micro-architecture for 2011 through 2019, resulting in a new attack
all of the techniques. [..] Clash+the sample allows for the monitoring of the accesses to the memory of the current core logic
without the knowledge of the physical addresses in the shared memory.Load+Reload, gets to have access to the memory traces of the application are co-located in the same physical core.
We work closely with our new attack techniques in different scenarios.
We have set up a high-speed covert channel, and is used in a
The spectrum of attack is to leak secret data from the kernel. In addition to this,
we have reduced the entropy of the various implementations of the ASLR
native code in a sandbox with the JavaScript. Finally, the recovered key
from the vulnerable AES implementation.

The attacks that have been made through the use of Javascript to in browsers such as Firefox and Chrome, both on a local device via a Cloud-based access to Amazon AWS EC2.

The researchers have found the gap, I had already discovered almost a dozen issues in terms of Intel processors. They are sponsored it is for this reason that Intel has provided in the context of the problem research over the past two years, the increase in funding for outside researchers ” (PDF). On Twitter, the topic is done for all reactions and, in part, on the allegations that the researchers were only from Intel, and the “sidekick”. A Professor at the TU Graz took his Phd at the guard.

The AMD processors are, in the final analysis, it is not without problems, as reaffirmed by the group itself, over and over again, years and years ago, even with the assertion that none of the CPU usage is always error-free. As long as they were the result of the Collapse, and the Spectrum is almost completely preserved, but there are a lot of other areas as well. With the growing popularity and presence in the market, the models back, also more and more in the focus. The same procedure was done in order to be seen in the case of Apple and Microsoft, as your Windows just about every week, a vulnerability was found, it was with the Apple is considered safe, there’d been looking for, due to the vanishingly small market share, but hardly anyone else. With the rising popularity of has finally been revealed, there are more and more problems.

The researchers recommend that, in the final analysis, adaptation of Hardware and Software. In a subsequent statement from AMD on the subject, it is, arguably, the respect, awareness, pro-active, in the group that knows the difference for the past seven months has not been, to the general Public.