AMD processors from 2011 to 2019 vulnerable to two new attacks

[b00merang69]

Academics disclose new Collide+Probe and Load+Reload attacks on AMD CPUs.

AMD processors manufactured between 2011 and 2019 (the time of testing) are vulnerable to two new attacks, research published this week has revealed.The two new attacks impact the security of the data processed inside the CPU and allow the theft of sensitive information or the downgrade of security features.

The research team said it notified AMD of the two issues in August 2019, however, the company has not publicly addressed the two issues, nor has it released microcode (CPU firmware) updates.

An AMD spokesperson was not available for comment on this article.

THE L1D CACHE WAY PREDICTOR

The two new attacks target a feature of AMD CPUs known as the L1D cache way predictor.

Introduced in AMD processors in 2011 with the Bulldozer microarchitecture, the L1D cache way predictor is a performance-centric feature that reduces power consumption by improving the way the CPU handles cached data inside its memory.

A high-level explanation is available below:

The predictor computes a μTag using an undocumented hash function on the virtual address. This μTag is used to look up the L1D cache way in a prediction table. Hence, the CPU has to compare the cache tag in only oneway instead of all possible ways, reducing the power consumption.

The two new attacks were discovered after a team of six academics -- from the Graz University of Technology in Austria and the Univerisity of Rennes in France -- reverse-engineered this "undocumented hashing function" that AMD processors were using to handle μTag entries inside the L1D cache way predictor mechanism.

"Knowledge of these functions is the basis of our attack technique," the research team said.

Knowing these functions, allowed the researchers to recreate a map of what was going on inside the L1D cache way predictor and probe if the mechanism was leaking data or clues about what that data may be.

https://www.tenforums.com/windows-1...9-vulnerable-two-new-attacks.html#post1856798 < Easier to read.


https://www.zdnet.com/article/amd-processors-from-2011-to-2019-vulnerable-to-two-new-attacks/ < Source

 

[b00merang69]

Same as when Windows was hacked all the time back in XP era but MAC/Linux were not but are now, you want to do as much damage so go for bigger target to effect more users.

I have zero worries as a home user and certainly did not disable my CPU's HT but would be happier if they handled it better (Intel).

 

[b00merang69]

Reading this forum all of them and nearly every day in the dedicated thread.

 

[b00merang69]

WTF are you talking about?

I am taking about the hate on Windows as it was open to been hacked and MAC's and Linux were not back then.

It had little to do with Windows was wide open and the other two were bulletproof, just it had a bigger target to do more damage to.

I think you may have misread something.

 

[b00merang69]

Humbug take of your rose coloured glasses, the results are from the same source as the Intel flaws, you cannot choose to believe one set of results and not the other because it fits your agender, Panes post means nothing as it does not matter if this will effect many people or not as the Intel one will not effect home users.

So Panos is now an scientist/engineer who understands CPU/GPU architecture?

 

[b00merang69]

I never said I was, does it matter what is more an issue than the other both are issues and again will not effect the majority of home users.

Like someone above stated, when its Intel bring out the pitch forks and when its AMD its not a big deal...

 

[b00merang69]

But that is what you are saying isn’t it. I don’t see why you lot are calling for outrage when one company is knowingly selling chips based on seriously flawed hardware and the other isn’t.

Sorry if you was expecting this thread to yield fruit for your cause.

Who is your lot (I am not an Intel Fanboy, you obv never read the other thread), I was AMD CPU's all the way to Intel C2D and lets be honest AMD made one lacklustre CPU after another in recent years until now.

I have no case so you are talking nonsense, It is news same as the Intel flaws seems to be big news here, and once again if Intel paid for it or part of it, it was from the same source who found their flaws so why is it real when it is Intel and fake when it it AMD?.

 

[b00merang69]

Well I am on my current hardware till 2022, longest ever main board + CPU (Rog Z87+4970k), and doubt I will need/want a Nvidia 3000 series GPU (did not want 2000) as I have a major backlog of games to play and a Titan Xp is fine for 1440p.

I have upgraded to all internal SSD's + Ext Mech Backup and PSU, latest BT/WIFI etc.

Hopefully by then things are matured including some kind of better monitor than LCD crap esp. the poor QA we get today.