CPUsNews

Intel: AMD CPUs Reported Nearly Twice as Many Security Vulnerabilities in 2021

Intel has compiled a product security report for 2021 detailing its efforts to fight vulnerabilities across various product architectures and families. As per the report, a total of 226 vulnerabilities were reported on Intel’s products, with the bulk of them (147) being medium severity, 52 high severity, 2 critical, and the remaining 25 low severity vulnerabilities.

Internal security research for 2021 accounts for 50% of the issues addressed and an additional 43% were reported through Intel’s Bug Bounty Program. In 2021, we addressed 226 vulnerabilities compared to 231 in 2020 and 236 in 2019.

Intel

Furthermore, the chipmaker claims that its investment accounts for 93% of vulnerabilities addressed in 2021. Out of these 113 were internally found, 97 were reported via bug bounties, and the remaining came from miscellaneous sources.

Now, let’s have a look at the interesting part. As per Intel’s claims, AMD had 31 reported vulnerabilities on the CPU side and 27 on the GPU side, adding up to a total of 58. Team Blue, on the other hand, had a pile totaling up to 67, 16 from the CPU side and 51 from the GPU side. This is rather unexpected as Intel hasn’t made a single discrete GPU in the last two decades, and yet the majority of the vulnerabilities are from that segment.

These CVEs are likely from the Intel Graphics driver which has gotten attention only recently but is worrisome nonetheless. The chipmaker’s CPUs having significantly fewer reported vulnerabilities comes as a surprise as nearly every other vulnerability discovered since Meltdown/Spectre affected Intel processors in one way or another. Regardless, all these security issues have been sourced from AMD and Intel’s security center/product security sections which means only the ones officially reported by the two are being counted in the report.

In 2021, Intel reported 16 CPU and 51 graphics
vulnerabilities (67 combined) while AMD reported 31
CPU and 27 graphics vulnerabilities (58 combined).
As previously noted in this report, our Security
First Pledge guides us to transparently report
vulnerabilities whether found internally or externally.
We have not identified any AMD-published CVEs
in 2021 attributed to AMD internal research.
Therefore, the information in this comparison is
based solely on AMD CVEs attributed to external
research.

Overall, this report may not be the most accurate representation of Intel’s product security, but it’s fairly transparent and more honest than what you’d expect from its marketing teams.

Areej

Computer hardware enthusiast, engineering dropout, and PC gamer. Former co-founder of Techquila (2017-2019), a fairly successful tech outlet. Been working on Hardware Times since 2019, an outlet dedicated to computer hardware and its applications.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button