Heads-Up, AMD Zen-Based CPUs Are Affected By A New Meltdown-Style Security Flaw
Security researchers have discovered a side-channel vulnerability in a similar vein to Meltdown, except this one is present in AMD's processors. AMD confirmed the finding, and has offered guidance to software developers, saying they should take precautions to avoid leaving the security hole open to attackers (suggesting this is not something AMD can simply patch out via firmware).
Ever since Spectre and Meltdown made waves a few years ago, additional side-channel exploits have been discovered, with varying degrees of complexity. In all reality, many of these techniques are not cause for panic for the typical user, especially with different mitigations that have been rolled out (both by CPU makers and vendors like Microsoft).
It doesn't sound like this latest one is an exception, though it is interesting from a few different aspects. One is that AMD pretty much claimed immunity from the original Meltdown attack vector. However, researchers Saidgani Musaev and Christof Fetzer discovered a way to exploit AMD processors with similar execution patterns to Meltdown.
They cover the AMD exploit in a whitepaper (PDF) titled, "Transient Execution of Non-Canonical Accesses," noting that they found a "reliable way to forced an illegal data flow," making it technically possible for a determined attacker to spy data they should not be seeing.
"The violation we report does not lead to cross address space leaks, but it provides a reliable way to force an illegal dataflow between microarchitectural elements. Unlike the previous AMD vulnerabilities, the flaw we report is the first flaw that proves that it is possible to force an illegal data flow between microarchitectural elements," the researchers explain.
Interestingly, the researchers said they verified the flaw is present on Zen+ and Zen 2 processors, having tested the exploit on a Ryzen 7 2700X, Ryzen Threadripper 2990WX, and EPYC 7262 chips. However, AMD suggests in a security bulletin that it affects all of its processors—rather than singling out Zen+ and Zen 2, the security bulletin simply states "AMD CPUs" in the affected processors section.
Should you be worried? Probably not. In the whitepaper, the researchers did note that "AMD's design decisions indeed limit the exploitability scope" when compared to Meltdown-style attack vectors affecting Intel's CPUs, "yet it may be possible to use them to amplify other microarchitectural attacks."
Additionally, AMD's mitigation is for software vendors to review their code for any possible security holes related to this, adding that "potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques."
On the user side of things, it sounds like the best thing to be done is to stay up to date with the latest patches.
