AMD processors vulnerable to two new types of side-channel attacks
AMD processors are vulnerable to two new types of attacks, but they're not as bad as Meltdown and Zombieload.
What you need to know
- Researchers discovered two new attacks that AMD processors are vulnerable to.
- AMD processors from 2011-2019 are vulnerable to the attacks.
- While the vulnerabilities lead to security risks, they are not as bad as well-known vulnerabilities Meltdown and Zombieland.
Researchers discovered two new vulnerabilities that can affect AMD processors from between 2011-2019. The attacks, called Collide+Probe and Load+Reload affect the security of data processed by affected AMD CPUs. As a result, attackers can steal information or affect security features. A team of six researchers from Graz University of Technology in Austria and the University of Rennes in France details their discoveries in an extensive document.
The team of researchers states that they contacted AMD regarding the issues in August of 2019, but AMD has not released firmware updates related to the issue since then. AMD states that the attacks "are not new speculation-based attacks." The research team disagrees with AMD's claim.
The attacks work by targetting the L1D cache way predictor. This feature improves the way CPUs handle cached data, which reduces power consumption. Below is a detailed explanation from the researchers' document:
The researchers also break down how they exploited the attacks:
These attacks are potentially dangerous because they could be used in the wild. Some attacks require such high levels of access to a computer that they're not viable for most attackers. ZDNet points out that Collide+Probe and Load+Reload work without physical access, special equipment, or connections to hidden ports. The research team states that it demonstrated and evaluated the attacks "in sandboxed JavaScript and virtualized cloud environments."
AMD issued a response to the issue, in which it states, "AMD believes these are not new speculation-based attacks." AMD believes "this issue can be mitigated in software by using side-channel counter measures." The research team that discovered the attacks told ZDNet that AMD's response is "rather misleading" and added that AMD never engaged with the research team about the attacks. Additionally, the research team states that the attacks still work on full-update operating systems.
While these attacks present a security risk, Daniel Gruss, one of the researchers that discovered the attacks, stated on Twitter that they aren't as dangerous as Meltdown and Zombieload. He said in response to another Twitter user, "The attacks leak a few [bits] of meta-data. Meltdown and Zombieload leak tons of actual data."
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.