Skip to main content

All AMD processors since 2011 have had a security vulnerability

Coming on the heels of recent news that there is an unfixable vulnerability in Intel processors from the last five years, security researchers have identified a vulnerability in AMD processors from the last nine years as well.

A paper by researchers from the Graz University of Technology, first reported on by Tom’s Hardware, describes two attacks, Collide+Probe and Load+Reload, which are a subset of the “Take A Way” vulnerability and are based on a Spectre attack. The vulnerability is found in all AMD processes released between 2011 and 2019, including the Zen microarchitecture.

Recommended Videos

“We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques,” the researchers wrote in the paper. “With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core. With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last-level-cache evictions.”

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

Fixes may compromise performance

These are what are called side-channel attacks, which can be deployed by exploiting vulnerabilities in JavaScript via internet browsers such as Google Chrome or Mozilla Firefox. The researchers did suggest both hardware and software fixes which could protect against the vulnerabilities, but these may involve a tradeoff in performance as most Spectre fixes have done. The suggestions include temporarily disabling the processor’s way predictor to prevent attacks, using a keyed mapping function, and flushing the way predictor after use. These fixes are all things that would have to be engineered by AMD, so if you are a regular user then there’s not much you can do except wait to see what security measures AMD will bring in.

This is some controversy around the findings of this paper, as the acknowledgments section includes mention of funding from Intel, first spotted by Hardware Unboxed: “Additional funding was provided by generous gifts from Intel.” This is not unusual in academic research, however, and the lead author responded on Twitter that he discloses the funding Intel provides to some of his students on all of his papers.

Georgina Torbet
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
The gamers have spoken: AMD obliterates Intel in CPU sales
AMD Ryzen 7 7800X3D installed in a motherboard.

AMD's 3D V-Cache processors are some of the best CPUs, and they're certainly a hit among gamers. The sales figures speak for themselves: According to the latest numbers from Mindfactory, a German retailer, consumers are continuously picking AMD over Intel -- and the gap is huge. What's perhaps more interesting is that AMD's last-gen platform continues to dominate sales charts despite the lack of an upgrade path from the AM4 socket.

Shared by TechEpiphany on Twitter, these numbers spell great news for AMD. Of the top 10 processors sold in the last week on Mindfactory, nine are AMD chips. The Core i5-13600KF is the only Intel CPU to make it into the top 10, and it's coming in last at a shared number 10 spot with the Ryzen 5 5600. Each sold just 150 units.

Read more
AMD drops huge price cuts on Ryzen 7000-series processors right now
An AMD Ryzen 7000 processor slotted into a motherboard.

AMD has cut the prices for its Ryzen 7000-series processors by up to $120 in some cases. This discount applies to all four Zen 4 processors on both NewEgg and Amazon, as well as the official AMD store.

The Ryzen 9 7950 was listed at $574, down from $699 a week ago. The Ryzen 9 7900 was $474, down from $549.

Read more
Hackers targeted AMD to steal huge 450GB of top-secret data
A depiction of a hacker breaking into a system via the use of code.

A data extortion group known as RansomHouse has asserted that it has stolen upwards of 450GB of sensitive data from AMD.

Team Red has since confirmed that it launched an investigation into the matter after the situation came to light.

Read more