Published in News

Boffins find that AMD processors leak a bit

by on09 March 2020


Happens when you get older

A new paper released by the Graz University of Technology details two new "Take A Way" attacks, Collide+Probe and Load+Reload, that can leak secret data from AMD processors by manipulating the L1D cache predictor.

The boffins found the vulnerability impacts all AMD processors from 2011 to 2019, meaning that the Zen microarchitecture is also impacted.

The university says it disclosed the vulnerabilities to AMD on August 23, 2019, meaning it was disclosed in a responsible manner but there is no word of a fix yet. We've pinged AMD for comment.

The two AMD vulnerabilities are side-channel approaches, in this case a Spectre-based attack which enable researchers to tease out what would normally be protected information. Here's a description of the technique from the whitepaper:

"We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques. With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core. With Load+ Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last level-cache evictions."

However, as spotted by Hardware Unboxed, the paper also said: "Additional funding was provided by generous gifts from Intel. Any opinions, findings, and conclusions or recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the funding parties."

The lead researcher also responded on Twitter, disclosing that Intel funds some of its students and the university fully discloses the sources of its funding. He noted that Intel doesn't restrict the universities' academic freedom and independence, and that Intel has funded the programme for two years.
AMD issued a statement saying it was aware of the whitepaper but says it is nothing new.

AMD's posting lists general advice for protecting against the incredibly large family of side channel attacks, but we can't find any specific mention of firmware patches for the Take A Way vulnerabilities.

 

 

Last modified on 09 March 2020
Rate this item
(0 votes)

Read more about: