iMobile Mobile Home March 14 News If the previous "ghost" and "fuse" loopholes caused many people to switch from AMD to AMD, now friends with AMD processors should also be careful, today, a The Israeli security company CTS-Labs published a white paper saying that after researching, there were 13 high-risk security holes in the AMD Zen CPU architecture.
AMD is now scrutinizing the relevant loopholes described in this white paper, but its spokesperson stated that CTS-Labs did not give AMD reasonable time for investigation and it was not appropriate to publish it publicly (it was only shared with AMD before the announcement one day before). , This may be due to the fact that the two companies have not cooperated with each other and their processes are not clear.
The vulnerability described in the white paper relates to AMD Ryzen desktop processor, Ryzen Pro enterprise processor, Ryzen mobile processor, and EPYC data center processor. Different vulnerabilities are targeted at different platforms, of which 21 environments have been successfully used. There are 11 loopholes that are exploited. These four types of attacks are called Ryzenfall, Masterkey, Fallout, and Chimera.
The vulnerabilities in the report all require administrator privileges to discover. The first three important ones exploit the vulnerabilities in AMD's security processors. The last one, Chimera, utilizes the chips provided by the chips provided by ASMedia. The personnel indicated that the ASMedia chipset had the function of running code on the peripheral chip that was suspected to be conducive to developer debugging. This function can also be used in AMD processors that use its chipset.
AMD said that security is the first priority, and relevant reports are being carefully studied. Some people, including Google Security Researcher Arrigo Triulzi, believe that the report may think that the impact of the loophole has been exaggerated.
iMobile Mobile Home March 14th If the previous "ghost" and "fuse" loopholes caused many people to switch from AMD to AMD, friends who now use AMD processors should also be careful, today, a The Israeli security company CTS-Labs published a white paper saying that after researching, there were 13 high-risk security holes in the AMD Zen CPU architecture.
AMD is now scrutinizing the relevant loopholes described in this white paper, but its spokesperson stated that CTS-Labs did not give AMD reasonable time for investigation and it was not appropriate to publish it to the public (the day before the announcement was shared with AMD in advance). , This may be due to the fact that the two companies have not cooperated with each other and their processes are not clear.
The vulnerability described in the white paper relates to AMD Ryzen desktop processor, Ryzen Pro enterprise processor, Ryzen mobile processor, and EPYC data center processor. Different vulnerabilities are targeted at different platforms, of which 21 environments have been successfully used. There are 11 loopholes that are exploited. These four types of attacks are called Ryzenfall, Masterkey, Fallout, and Chimera.
The vulnerabilities in the report all require administrator privileges to discover. The first three important ones exploit the vulnerabilities in AMD's security processors. The last one, Chimera, utilizes the chips provided by the chips provided by ASMedia. The personnel indicated that the ASMedia chipset had the function of running code on the peripheral chip that was suspected to be conducive to developer debugging. This function can also be used in AMD processors that use its chipset.
AMD said that security is the first priority, and relevant reports are being carefully studied. Some people, including Google Security Researcher Arrigo Triulzi, believe that the report may think that the impact of the loophole has been exaggerated.
