News

• AMD finds four flaws, separately low in severity, but powerful when combined
• Together, they can be abused in information disclosure attacks
• The list of affected devices is rather extensive, so be on your guard

AMD has discovered several security vulnerabilities affecting many of its chips can be chained together to create a concerning hack which could result in information disclosure.

The four vulnerabilities are tracked as CVE-2024-36349 (3.8), CVE-2024-36348 (3.8), CVE-2024-36357 (5.6), and CVE-2024-36350 (5.6). Together, they can be used in a so-called Transient Scheduler Attack (TSA), a side-channel, or timing-based attack that likely exploits transient scheduling decisions made by the CPU scheduler to leak information.

Since this is a side-channel attack that results in information disclosure, it is similar to the infamous Meltdown and Spectre flaws which dominated the security scene for months.

Separately, the vulnerabilities were given relatively low severity scores, since the devices need to be compromised in advance, either by physical presence, or through malware, before they can be leveraged.

Furthermore, the TSA would need to be executed many times before any meaningful data could be extracted.

Here is how a theoretical attack would occur: A CPU expects load instructions to complete rather quickly. However, if there is a condition that prevents them from doing so, a “false completion” happens. Since the load didn’t complete, the data from the load is forwarded to dependent operations, affecting the timing of the instructions the CPU executes - something the attackers can observe.

The worst-case scenario is AMD chips leaking OS kernel information - but other applications or VMs could leak data as well.

A patch is already available, and AMD advised system admins to update to the latest Windows versions as soon as possible.

Those who are unable to install the patch quickly can implement a workaround involving a VERW instruction, but AMD has advised against it since it could reduce the performance of the system. In any case, the details about the mitigation can be found here.

The full list of all affected chips, including EPYC, Ryzen, Instinct, Ahtlon, and others, can be found in AMD’s advisory.

Via The Register

• Intel still vulnerable to Spectre data-leak vulnerabilities, researchers say
• Intel and AMD chips are under attack from a new generation of Spectre threats
• We've rounded up the best password managers