All AMD Zen processors (opens in a new tab) are vulnerable to a medium severity flaw that can allow threat actors to execute side-channel attacks and reveal 4096-bit RSA keys with relative ease, experts have warned.
The flaw, discovered by several cybersecurity researchers from the Graz and Georgia Universities of Technology, was described in a paper titled “SQUIP: Scheduler Queue Containment Side Channel Exploit,” and was later confirmed by AMD.
“An attacker running on the same host and CPU core as you could snoop on the types of instructions you are executing due to the split scheduler design in AMD CPUs,” explained one of the authors. "Apple's M1 (probably the M2 as well) follows the same design but is still unaffected as they haven't yet introduced SMT to their processors."
compromise solution
SMT is short for "simultaneous multithreading", a technique that improves the efficiency of superscalar processors with hardware multithreading, allowing multiple independent threads of execution, using chip resources more efficiently.
The flaw stems from the way the CPU works: you can run more lines of code on a single CPU core to improve its performance.
But it also allows potential hackers to control these instructions, if they can install malware on the device. But almost any malware can be neutralized with a software patch, and this one is no different. However, it comes with an important caveat.
So, to mitigate the vulnerability, the SMT technology must be disabled, which means a big impact on the performance of the chip.
Apparently, all Ryzen processors running Zen 1, Zen 2, and Zen 3 microarchitectures are affected. AMD confirmed the issue and named it AMD-SB-1039: Execution Unit Scheduler Contention Side Channel Vulnerability in AMD Processors.
"AMD recommends that software developers use existing best practices, including constant-time algorithms and avoiding confidentiality-dependent control flows, where appropriate, to help mitigate this potential vulnerability," the instructions read. AMD.
TechRadar Pro has asked AMD for a comment and will update the article when we have a response.
Via: Tom's Hardware (opens in a new tab)