
AMD has issued an alert to users about a newly discovered form of side-channel attack similar to the infamous Meltdown and Spectre exploits that dominated the news in 2018.
The potential exploits affect the full range of AMD processors (desktop, mobile and data center models), particularly 3rd and 4th generation Epyc server processors. The full list can be found here.
Meltdown and Spectre generated a fair amount of concern because of the severity of the vulnerabilities. Bad actors could exploit the core of CPU design, stealing data from speculative executions even though that data was never supposed to be visible to programs.
Attackers could also break isolation between programs. Normally, an application shouldn’t be able to read memory from the kernel or other applications, but Meltdown let user programs read kernel memory and Spectre let programs trick other programs into accessing sensitive data through side channels.
One area where this new exploit is not like Spectre and Meltdown is that it only affects AMD processors. Spectre and Meltdown impacted Intel and Arm as well as AMD.
The vulnerability, officially called Transient Scheduler Attack (TSA), consists of four vulnerabilities that AMD said it discovered while looking into a Microsoft report about microarchitectural leaks. AMD said there are two different TSA variants, TSA-L1 and TSA-SQ, so named because the L1 variant can infer data from the L1 cache and the SQ variant can steal data from the CPU store queue.
AMD itself isn’t terribly worried about them; two of the exploits are rated medium in the severity ratings while the other two are rated low.
There are good reasons for the low severity scores. First, there is a high degree of complexity involved in a successful attack. AMD said it could only be carried out by an attacker able to run arbitrary code on a target machine, and the attacker would need local access to the machine. Finally, the exploit would need to be executed many times in order to extract any data. In a worst-case scenario, data might leak from the OS kernel or a virtual machine.
The good news is that remedies exist for these exploits. AMD released Platform Initialization (PI) firmware revisions to OEMs, so customers are advised to contact their OEM for the BIOS update specific to their product(s). Additionally, AMD recommends customers consult with their operating system vendor’s documentation for information on how to enable the OS portion of the mitigation.
Source: Network World