CPUsNews

AMD Ryzen 5000 CPUs Vulnerable to Side-Channel Attacks Similar to Spectre

According to a report published by AMD, the company’s latest Zen 3 based Ryzen 5000 processors may be vulnerable to side-channel attacks similar to Spectre which allow exploiting the predictive behavior of modern processors to host attacks. The new vulnerability is due to the use of Predictive Store Forwarding which essentially improves performance by executing instructions by predicting the target location of loads to cache memory ahead of time.

This can be used by attackers if there’s a bad prediction wherein the data is dumped and the pipeline is flushed. As such, AMD will allow customers to disable PSF if they believed that it’s a cause of concern. The impact of disabling PSF should be somewhat similar to the software mitigations for Intel’s Skylake-based processors, mostly on the lower side.

AMD has labeled this vulnerability as low risk but issued guidance on how to disable Predictive Store Forwarding. Generally, when the Spectre V4/SSB mitigation is enabled, PSF is automatically disabled, but it can also be disabled using a new bit for PSFD (for Linux) expected via patches in the future.

AMD is not aware of any code that would be considered vulnerable to PSF behavior and that the risk with PSF is “likely low” but did provide guidance on disabling the Predictive Store Forwarding behavior. When the Spectre V4 / SSB mitigation is in place, PSF is disabled or there is also a new bit that can be set for Zen 3 CPUs to specifically disable the Predictive Store Forwarding behavior.

Via

Areej

Computer Engineering dropout (3 years), writer, journalist, and amateur poet. I started Techquila while in college to address my hardware passion. Although largely successful, it suffered from many internal weaknesses. Left and now working on Hardware Times, a site purely dedicated to.Processor architectures and in-depth benchmarks. That's what we do here at Hardware Times!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button