Researchers at the Graz University of Technology have discovered security vulnerabilities affecting AMD CPUs launched between 2011 and 2019.
In a paper published on the subject, the researchers detailed two “Take A Way” attacks which can be used to exploit side-channel vulnerabilities in Ryzen processors.
“We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques,” the researchers said.
The two side-channel attacks detailed in the paper – “Collide+Probe” and “Load+Reload” – can be used to access secret data from the chips by attacking the L1D cache predictor.
AMD’s L1D cache predictor was implemented on these chips to reduce power consumption by predicting in which cache way a certain address is located.
The researchers disclosed the vulnerabilities to AMD on 23 August 2019, and there is currently no dedicated firmware patch available for these vulnerabilities.
AMD security advisory
AMD responded to the publication of these security vulnerabilities via a security advisory on its website, acknowledging the security exploits and stating they were not a new form of side-channel attack.
“We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way,” AMD said.
“The researchers then pair this data path with known and mitigated software or speculative execution side-channel vulnerabilities. AMD believes these are not new speculation-based attacks.”
AMD said it recommended users follow the steps be taken by users to help mitigate against side-channel attacks:
- Keep your operating system up-to-date by operating at the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities
- Following secure coding methodologies
- Implementing the latest patched versions of critical libraries, including those susceptible to side-channel attacks
- Utilizing safe computer practices and running antivirus software
Following the publication of this advisory by AMD, the researchers stated on Twitter that this vulnerability remains open to exploitation.