• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

AMD processors from 2011 to 2019 vulnerable to two new attacks

Soldato
Joined
15 Jun 2005
Posts
2,750
Location
Edinburgh
Both are the same Zen 1 CPU under different names, and from 2017, Not 2019. Did they test Zen+ or Zen 2? As far as i can tell they also used Linux, not Windows. Anything beyond that is assumption. The researchers actually said this themselves. And AMD have responded, stating that Windows has already been patched for this exploit.
They provided a list of the CPUs they tested on from K8 (2013) to Zen 2 (2019). Looks like they only provided benchmark data for a couple. They did indeed use Linux as it is the preferred O/S for this type of research. All the previous vulnerabilities have used Linux for the proof of concept.

I agree that these are mostly of academic interest and are of little concern to the home user. But equally they are not faked or the work of Intel shills.
 
Man of Honour
Joined
13 Oct 2006
Posts
90,806
I can't say I understand the technicalities of these exploits at all, but I would suggest the OS installation most home users run has inherantly more liabilities than any CPU exploit offers.

Some of the recent Windows 10 vulnerabilities that have been closed have been way more concerning than either these or the Intel vulnerabilities yet strangely gets far less attention. Some of them are actual, viable over the internet, remote execution vectors as well while most of these CPU vulnerabilities aren't that kind of problem.
 
Soldato
Joined
28 May 2007
Posts
18,196
The Intel flaws that can’t be patched (most of them) are the biggest liabilities by far. These issues will drag out for decades and could spawn numerous day one exploits.
 
Caporegime
Joined
17 Mar 2012
Posts
47,380
Location
ARC-L1, Stanton System
I can't say I understand the technicalities of these exploits at all, but I would suggest the OS installation most home users run has inherantly more liabilities than any CPU exploit offers.

Right. Windows is the biggest exploit going, if you wanted to get data from someones computer you wouldn't bother with the CPU, your OS is practically handing it to anyone who wants to look.
 
Soldato
Joined
24 Jul 2004
Posts
22,594
Location
Devon, UK
Some of the recent Windows 10 vulnerabilities that have been closed have been way more concerning than either these or the Intel vulnerabilities yet strangely gets far less attention. Some of them are actual, viable over the internet, remote execution vectors as well while most of these CPU vulnerabilities aren't that kind of problem.

I have to admit, if I see one of these kind of CPU based "attacks" that require physical access to exploit, I just roll my eyes and move on. After all, if a stranger is physically at my computer when i'm not there I have bigger issues than them exploiting my processor.

I can't tell with these new AMD ones, do they require physical access to the computer?
 
Associate
Joined
21 Sep 2018
Posts
895
I have to admit, if I see one of these kind of CPU based "attacks" that require physical access to exploit, I just roll my eyes and move on. After all, if a stranger is physically at my computer when i'm not there I have bigger issues than them exploiting my processor.

I can't tell with these new AMD ones, do they require physical access to the computer?

When this gets a CVE designation, then details will follow.

https://www.cvedetails.com/vulnerability-list/vendor_id-7043/AMD.html

Here is one for intel.

https://www.cvedetails.com/vulnerab...&sha=1d6011c41df6dde5f48a4f36352f44c40f918a0a
 
Back
Top Bottom