AMD Processors Vulnerable to 2 New Side-Channel Attacks

mikho (Administrator, OG)

With the latest discussions about Intel vulnerabilities, here is the latest AMD news!

AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to freshly published research.

Known as "Take A Way," the new ( source: https://mlq.me/download/takeaway.pdf ) potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.

The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019.

"We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way," AMD said ( source: https://www.amd.com/en/corporate/product-security ) in an advisory posted on its website over the weekend.

"The researchers then pair this data path with known and mitigated software or speculative execution side-channel vulnerabilities. AMD believes these are not new speculation-based attacks."

To demonstrate the impact of the side-channel attacks, the researchers established a cache-based covert channel that exfiltrated data from a process running on the AMD CPU to another stealthy process, achieving a maximum transmission rate of 588.9kB/s using 80 channels in parallel on the AMD Ryzen Threadripper 1920X processor.

With AMD's EPYC processors being embraced by popular cloud platforms such as Amazon, Google, and Microsoft, the fact that these attacks can be carried out in a cloud setting poses significant concerns.

“Technology is best when it brings people together.” – Matt Mullenweg

Comments

  • joepie91 (OG, Services Provider)
    edited March 2020

    @mikho said: potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture

    @mikho said: the AMD Ryzen Threadripper 1920X processor

    @mikho said: With AMD's EPYC processors being embraced by popular cloud platforms

    Huh? Ryzen and EPYC don't use Bulldozer, do they?

    Edit: Indeed they do not. I was remembering correctly, and Bulldozer is only used for the FX-* and Opteron series, the infamous space heaters. Not sure why Bulldozer is being named in the context of Ryzen and EPYC here...

  • InceptionHosting (Hosting Provider, OG)

    I believe this research was funded by intel.

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • joepie91 (OG, Services Provider)

    @AnthonySmith said:
    I believe this research was funded by intel.

    Oh, huh, you're right.

    Additional funding was provided by generous gifts from Intel. Any opinions, findings, and conclusions or recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the funding parties.

    (Emphasis mine.)

    Thanked by (1)InceptionHosting
  • Sounds like a good reason to build a new desktop PC if it affects the older FX processors ;)

  • At what point should I start crafting my own CPU?

  • WSS (OG, Retired)

    @PHP_Backend said:
    At what point should I start crafting my own CPU?

    Just use a handful of Arduinos. You'll be fine.

    My pronouns are like/subscribe.

  • cybertech (OG, Benchmark King)

    Best bet now is the Chinese CPU

    I bench YABS 24/7/365 unless it's a leap year.

  • Alright, time to bet on ARM CPUs for cloud computing.

    🦍🍌

  • WSS (OG, Retired)

    Imma double down on the Z80.

    My pronouns are like/subscribe.

  • Indeed, Z80 is still used in some places, also it seems it's making a comeback

    https://www.specnext.com/first-zx-spectrum-next-delivered/

  • tgl (OG)
    edited March 2020

    Edit: The vulnerability's complete name is: "Take A Way The Market Share" (from Intel)

    About the research, I guess it's sponsored by Intel. Unfortunately they started to feel the pressure and now they resort to this kind of story, but that's normal when you are selling bad quality products: you compensate with bad PR.

    conclusion: both are vulnerable, AMD is half the price

    thank you Intel, drop dead

  • cybertech (OG, Benchmark King)

    Doubt it would make a big difference now anyway. AMD is still cheaper and more secure.

    I bench YABS 24/7/365 unless it's a leap year.

  • SagnikS (Hosting Provider, OG)

    @AnthonySmith said:
    I believe this research was funded by intel.

    Afaik, some of Intel's vulnerabilities were also found out by Intel funded research, although I may be wrong.

  • Good morning.

    Definitely doesn't impact the newer "performance" cpus and I doubt anyone is using the space heater cpu for vps nodes.

    I can go back to sleep now.

  • @cybertech said:
    Best bet now is the Chinese CPU

    Those are based off AMD's Zen architecture, unless you're talking about the VIA stuff.

    Thanked by (1)cybertech

    Cheap dedis are my drug, and I'm too far gone to turn back.

  • Forget about x86, build some arm servers

    Action and Reaction in history

  • I guess anything with reasonable performance (with out-of-order execution) will have this kind of side-channel attack?

  • WSS (OG, Retired)

    @elliotc said:
    Forget about x86, build some arm servers

    DEC Alpha. Can you imagine an entire datacenter humming at 266Mhz machines slowly desoldering themselves?

    My pronouns are like/subscribe.

  • @WSS said:

    @elliotc said:
    Forget about x86, build some arm servers

    DEC Alpha. Can you imagine an entire datacenter humming at 266Mhz machines slowly desoldering themselves?

    What in my imagination is a large number of iPhone 6 in a rack.

    Action and Reaction in history

  • WSS (OG, Retired)

    @elliotc said:
    What in my imagination is a large number of iPhone 6 in a rack.

    ..but can you run Tru64 on it?

    My pronouns are like/subscribe.
