They detect 13 vulnerabilities that affect all AMD Ryzen and possibly also RX Vega

amd ryzen 5 2400g 39ghz raven ridge socket am4 boxed processor 001
amd ryzen 5 2400g 39ghz raven ridge socket am4 boxed processor 001

Now it is AMD who falls among the vulnerabilities at the silicon level, since a whopping thirteen vulnerabilities have been detected that affect all AMD Ryzen processors and possibly also the RX Vega.

Specter and Meltdown have mainly affected Intel processors, but AMD and ARM have not been spared from being affected by these problems. AMD appeared to be quite spared and affected, almost by chance, but a total of 13 new and unknown vulnerabilities have been discovered in all processors that are based on the Zen architecture, thus all AMD Ryzen models are affected. , from those for home use to professionals, something that is not exactly good.

The 13 detected vulnerabilities fall into four classes and affect Ryzen, Ryzen Pro, Ryzen Threadripper, EPYC and of course, Ryzen APUs. Specifically, these four groups have been called Ryzenfall, Masterkey, Fallout and Chimera and have been discovered and cataloged by security researchers at CTS-Labs, an Israeli company. This information is completely public and there is still no statement from AMD on this, but it comes at a bad time, because the Ryzen have just completed a year of constantly bothering Intel.

These vulnerabilities allow the malware to withstand reboots and even the installation of the operating system from scratch, as well as being completely undetectable by most security software. It seems that some of these vulnerabilities do not take into account even the most basic principles in terms of security, something that raises many doubts about the company's security controls, auditing and quality controls.

Like Specter and Meltdown, these vulnerabilities are at the silicon level, so they cannot be fixed, they can only be mitigated. This problem affects the current Ryzen and it will surely affect the Ryzen 2, which will hit the market next month (very possibly), since it is impossible for AMD to have the possibility of solving them at least for Ryzen based on 12nm.

The Vega architecture is not saved either, which is a huge failure and problem for the company. The problem is that Vega also makes use of the Secure Processor and could be vulnerable just like the processors based on the Zen architecture. Basically the attacker could infect the GPU, and then use the DMA to access the entire system through the vulnerabilities detected .


Source: Guru3D

Exit mobile version