All of AMD’s (opens in new tab) Zen CPUs are vulnerable to a medium-severity flaw which can allow threat actors to run side-channel attacks and reveal 4096-bit RSA keys with relative ease, experts have warned.
The flaw, discovered by multiple cybersecurity researchers from technology universities in Graz, and Georgia, was described in a paper titled “SQUIP: Exploiting the Scheduler Queue Contention Side Channel,” and later confirmed by AMD itself.
“An attacker running on the same host and CPU core as you, could spy on which types of instructions you are executing due to the split-scheduler design on AMD CPUs,” one of the authors explained. “Apple’s M1 (probably also M2) follows the same design but is not affected yet as they haven’t introduced SMT in their CPUs yet.”
Solution in compromise
SMT is short for “simultaneous multithreading” – a technique that improves the efficiency of superscalar CPUs with hardware multithreading, allowing multiple independent threads of execution, using the chip’s resources more efficiently.
The flaw stems from the way the CPU operates – it’s able to execute more lines of code on a single CPU core, in order to boost its performance.
But that also allows potential threat actors to monitor these instructions, if they can get malware installed on the device. But almost every malware can be neutralized with a software patch, and this one is no different. It comes with a major caveat, though.
So in order to mitigate the vulnerability, SMT technology needs to be disabled, and that means a significant blow to the chip’s performance.
Apparently, all Ryzen processors running Zen 1, Zen 2, and Zen 3 microarchitectures, are affected. AMD confirmed the problem and has dubbed it AMD-SB-1039: Execution unit Scheduler Contention Side-Channel Vulnerability on AMD Processors.
“AMD recommends software developers employ existing best practices including constant-time algorithms and avoiding secret-dependent control flows where appropriate to help mitigate this potential vulnerability,” AMD’s instructions state.
TechRadar Pro has asked AMD for a comment and will update the article when we hear back.
Via: Tom’s Hardware (opens in new tab)