Tavis Ormandy, a Google security researcher, has discovered a new vulnerability affecting AMD’s Zen 2 processors. Dubbed Zenbleed, the security flaw could let attackers steal passwords, cryptographic keys, and other sensitive information from software running on vulnerable machines.
In a recent blog post, Ormandy detailed that the Zenbleed vulnerability (CVE-2023-20593) was first reported to AMD back in mid-May. It allows threat actors to run malicious code remotely via JavaScript on a webpage and doesn’t require physical access to the affected system. The exploit can be used to transfer data at a rate of at least 30kb per core per second.
“The vulnerability in AMD’s Zen 2-architecture-based CPUs, wherein data from another process and/or thread could be stored in the YMM registers, a 256-bit series of extended registers, potentially allowing an attacker access to sensitive information. This vulnerability is caused by a register not being written to 0 correctly under specific microarchitectural circumstances. Although this error is associated with speculative execution, it is not a side channel vulnerability,” Cloudflare explained.
The Zenbleed vulnerability affects the following AMD Zen 2 processors:
AMD has since published a security advisory that describes the security flaw as a “cross-process information leak.” The company has also released a microcode patch for second-generation Epyc 7002 processors.
Meanwhile, AMD plans to roll out updates for high-end desktops in October, with Ryzen 4000 mobile processors to follow in November. Moreover, a fix for Ryzen 3000 and 4000 desktop CPUs and Ryzen 5000 and 7020 mobile processors is expected to be available in December this year.
It’s important to note that these updates may impact system performance depending on the workload and PC configuration. “Any performance impact will vary depending on workload and system configuration. AMD is not aware of any known exploit of the described vulnerability outside the research environment,” AMD said in a statement to Tom's Hardware.
Ormandy has also detailed a temporary workaround that can be applied until a firmware update is available. The process involves setting a control bit that disables some functionality in order to block potential exploitation of the vulnerability. However, Ormandy warned that the workaround could cause a performance hit.
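As an added example (not Ormandy's script, AMD's tooling, or anything from this article), the following shell script lets an administrator check whether a Linux host is a Zen 2 part and, if so, whether the interim control-bit workaround is currently set. It assumes Zen 2 means family 0x17 with models 0x30-0x3f, 0x60-0x7f and 0xa0-0xaf, and that the workaround is bit 9 of MSR 0xc0011029 (DE_CFG) read via `rdmsr` from msr-tools; both are taken from public material rather than from the article.

```shell
#!/bin/sh
# Added example, not Ormandy's script or AMD's tooling. Assumptions: Zen 2 is
# family 0x17 with models 0x30-0x3f, 0x60-0x7f and 0xa0-0xaf; the interim
# workaround is bit 9 of MSR 0xc0011029 (DE_CFG), readable with rdmsr from
# msr-tools. Both come from public material, not from the article above.

# is_zen2 FAMILY MODEL: 0 when the decimal family/model (as printed in
# /proc/cpuinfo) falls in the assumed Zen 2 ranges, 1 otherwise.
is_zen2() {
    [ "$1" -eq 23 ] || return 1                                   # family 0x17
    if [ "$2" -ge 48 ] && [ "$2" -le 63 ]; then return 0; fi      # 0x30-0x3f: Epyc 7002 / Threadripper 3000
    if [ "$2" -ge 96 ] && [ "$2" -le 127 ]; then return 0; fi     # 0x60-0x7f: Ryzen 3000/4000/5000 (Lucienne)
    if [ "$2" -ge 160 ] && [ "$2" -le 175 ]; then return 0; fi    # 0xa0-0xaf: Ryzen 7020
    return 1
}

# chicken_bit_set MSRVALUE: 0 when bit 9 is set in the given DE_CFG value.
chicken_bit_set() {
    [ $(( $1 & (1 << 9) )) -ne 0 ]
}

# mitigated_value MSRVALUE: print the DE_CFG value with bit 9 set, in hex.
mitigated_value() {
    printf '0x%x\n' $(( $1 | (1 << 9) ))
}

# report: inspect this host. Needs /proc/cpuinfo; the MSR check needs root and rdmsr.
report() {
    [ -r /proc/cpuinfo ] || { echo "no /proc/cpuinfo available"; return 0; }
    vendor=$(awk -F': ' '/^vendor_id/ {print $2; exit}' /proc/cpuinfo)
    fam=$(awk -F': ' '/^cpu family/ {print $2; exit}' /proc/cpuinfo)
    model=$(awk -F': ' '/^model[[:space:]]*:/ {print $2; exit}' /proc/cpuinfo)
    ucode=$(awk -F': ' '/^microcode/ {print $2; exit}' /proc/cpuinfo)
    if [ "$vendor" != "AuthenticAMD" ] || ! is_zen2 "${fam:-0}" "${model:-0}"; then
        echo "not a Zen 2 CPU (vendor=$vendor family=$fam model=$model): not affected"
        return 0
    fi
    echo "Zen 2 CPU (family $fam model $model, microcode ${ucode:-?}): affected unless patched microcode is loaded"
    if [ "$(id -u)" -ne 0 ] || ! command -v rdmsr >/dev/null 2>&1; then
        echo "run as root with msr-tools installed to check the DE_CFG workaround bit"
        return 0
    fi
    val=$(rdmsr -c 0xc0011029 2>/dev/null) || { echo "rdmsr failed (is the msr module loaded?)"; return 0; }
    if chicken_bit_set "$val"; then echo "workaround bit set ($val)"
    else echo "workaround bit NOT set ($val); mitigated value would be $(mitigated_value "$val")"; fi
}

report
```

The script only reads the MSR and reports; writing the mitigated value back (and the performance cost that comes with it) remains a deliberate administrator decision.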