Posted on Monday, Apr 05 2021 @ 09:16 CEST by Thomas De Maesschalck
A couple of years ago, security researchers found the first major security vulnerabilities in Intel silicon, and that opened the floodgates for a broad inquiry into CPU vulnerabilities. Lots more bugs have been found, most of them affecting the Intel platform, but some of these flaws also impact other vendors, including Arm and AMD.
AMD Zen 3 affected by Spectre-like bug
Tom's Hardware writes AMD disclosed its new Zen 3-based processors are vulnerable to a side-channel attack that is similar to the Spectre attack that was revealed for Intel CPUs three years ago. The new attack exploits Predictive Store Forwarding (PSF), a technique that's used to improve performance by making predictions about loads and stores:
AMD's CPU architects have discovered that bad PSF speculation is equivalent to Spectre v4. Software that relies on isolation or "sandboxing" is highly at risk when it comes to incorrect speculation. AMD provided two scenarios where an incorrect PSF prediction can occur.
"First, it is possible that the store/load pair had a dependency for a while but later stops having a dependency. This can occur if the address of either the store or load changes during the execution of the program."
"The second source of incorrect PSF predictions can occur if there is an alias in the PSF predictor structure. The PSF predictor is designed to track stores/load pairs based on portions of their RIP. It is possible that a store/load pair which does have a dependency may alias in the predictor with another store/load pair which does not. This may result in incorrect speculation when the second store/load pair is executed."
AMD claims that at this moment, there is no known exploit. The firm says the risk of exploitation is low for most applications and recommends leaving PSF activated because it enhances performance. AMD recently proposed some Linux patches that offer clients the option to disable the feature.
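
The two sources of incorrect PSF predictions quoted above can be reproduced in a small behavioural model. This is an added example, not code from AMD or Tom's Hardware; the 8-bit RIP index, the confidence threshold and the training rule are assumptions, since the real predictor structure is not described here.

```python
"""Toy model of a predictive store-forwarding predictor (illustrative only).

Assumptions, not AMD's design: the index uses the low 8 bits of each RIP,
and a pair is predicted once it has shown a dependency twice in a row.
"""

INDEX_BITS = 8   # assumed width of the RIP portion the predictor tracks
THRESHOLD = 2    # assumed confidence needed before forwarding is predicted


class ToyPSF:
    def __init__(self, enabled=True):
        self.enabled = enabled    # False models the "disable PSF" option
        self.confidence = {}      # (store RIP bits, load RIP bits) -> count

    def execute(self, store_rip, store_addr, load_rip, load_addr):
        """Run one store/load pair and classify what the predictor did."""
        mask = (1 << INDEX_BITS) - 1
        key = (store_rip & mask, load_rip & mask)
        depends = store_addr == load_addr   # true dependency this time?
        predicted = self.enabled and self.confidence.get(key, 0) >= THRESHOLD
        # Train on the resolved outcome: build confidence, reset on a miss.
        self.confidence[key] = self.confidence.get(key, 0) + 1 if depends else 0
        if not predicted:
            return "no-forward"
        return "correct-forward" if depends else "mis-forward"


def dependency_change(enabled=True):
    """Scenario 1: same pair, but the load address changes on the last run."""
    psf = ToyPSF(enabled)
    runs = [(0x1000, 0x1000)] * 3 + [(0x1000, 0x2000)]
    return [psf.execute(0x401010, s, 0x401020, l) for s, l in runs]


def predictor_alias(enabled=True, second_pair=(0x7F3010, 0x7F3020)):
    """Scenario 2: train pair A, then run an independent pair B."""
    psf = ToyPSF(enabled)
    for _ in range(3):
        psf.execute(0x401010, 0x1000, 0x401020, 0x1000)   # pair A depends
    store_rip, load_rip = second_pair
    return psf.execute(store_rip, 0x3000, load_rip, 0x4000)  # B does not


if __name__ == "__main__":
    print(dependency_change())          # last run is forwarded wrongly
    print(predictor_alias())            # B shares A's low RIP bits
    print(predictor_alias(second_pair=(0x7F3044, 0x7F3058)))  # no alias
    print(dependency_change(enabled=False))
```

A "mis-forward" result marks the speculative window in which the load receives data from an unrelated store; with the predictor disabled, the model never forwards at all, which is the performance-for-isolation trade the disable option offers.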