All AMD (opens in a new tab) Experts warn that Zen processors are vulnerable to a medium-weight vulnerability that could allow cybercriminals to perform side-channel attacks and to relatively easily reveal 4,096-bit RSA keys.
The flaw, discovered by many cybersecurity researchers at technology universities in Graz and Georgia, was described in an article titled “SQUIP: Exploiting the Scheduler Queue Contention Side Channel” and was later confirmed by AMD itself.
“An attacker running on the same host and CPU core as you can spy on the types of instructions you execute due to the split scheduling design on AMD processors,” explained one author. “Apple’s M1 (possibly also the M2) has the same design, but is not yet affected as SMT has yet to be introduced in its processors.”
A compromise solution
SMT stands for “simultaneous multithreading,” a technique that improves the performance of superscalar processors through hardware multithreading, allowing multiple independent threads to run while using chip resources more efficiently.
The disadvantage is due to the way the processor works – it is able to execute more lines of code on one processor core to increase its performance.
But it also allows potential cyber criminals to monitor these instructions if they can install malware on the device. But almost any malware can be neutralized with a software patch, and this one is no different. However, it has a serious caveat.
So in order to mitigate this gap, SMT technology has to be turned off, which means a significant drop in chip performance.
Apparently, this applies to all Ryzen processors with Zen 1, Zen 2, and Zen 3 microarchitecture. AMD acknowledged the problem and named it AMD-SB-1039: Side Channel Vulnerability in the Execution Unit Contention Schedule on AMD CPUs.
“AMD recommends software developers to follow existing best practices, including fixed-time algorithms, and avoid secret-driven control flows to help mitigate this potential vulnerability,” states AMD’s instructions.
TechRadar Pro has asked AMD for comment and will update the article when we get a reply.
By: Tom’s gear (opens in a new tab)