BeQuiet Jubiläum Banner 970x90
Breaking News

Lucky number Android 13: The latest features and updates CORSAIR Ushers in the New Era of AMD with Support for AMD Ryzen 7000 CPUs TEAMGROUP Announces MP44L M.2 PCIe 4.0 SSD with the Industry's First Heat Dissipating Graphene SSD Label for an Upgraded Cooling Performance MSI Introduces Mini-LED Panel into Prestige 16 Samsung Electronics Takes Gaming Experiences To The Next Level With Global Launch of Odyssey Ark

logo

AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

AMD Downplays Reported Side Channel Vulnerabilities in Zen Chips

PC components 0

AMD claims that the recently surfaced potential security exploits in the company's CPUs are not new speculation-based attacks.

A paper released by the Graz University of Technology detailed two new "Take A Way" attacks, Collide+Probe and Load+Reload, that can leak secret data from AMD processors by manipulating the L1D cache predictor. The researchers claim that the vulnerability impacts all AMD processors from 2011 to 2019.

Both exploit the "way predictor" for the Level 1 cache (meant to boost the efficiency of cache access) to leak memory content. The Collide+Probe attack lets an intruder monitor memory access without having to know physical addresses or shared memory, while Load+Reload is a more secretive method that uses shared memory without invalidating the cache line.

"We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques. With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core. With Load+ Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last level-cache evictions."

The team took advantage of the flaws using JavaScript in common browsers like Chrome and Firefox. While Take A Way only exposes out a small amount of information compared to Meltdown or Spectre, that was enough for the investigators to access AES encryption keys.

It's possible to address the flaw through a mix of hardware and software, the researchers said, although it's not certain how much this would affect performance.

AMD posted the following statement no its website:

"We are aware of a new whitepaper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks."

The advisory does not point to any mitigations for the attack in question, merely citing other mitigated speculative executions that were used as a vehicle to attack the L1D cache predictor.

Related Posts