- AMD finds four flaws, separately low in severity, but powerful when combined
- Together, they can be abused in information disclosure attacks
- The list of affected devices is rather extensive, so be on your guard
AMD has discovered that several security vulnerabilities affecting many of its chips can be chained together to create a concerning hack which could result in information disclosure.
The four vulnerabilities are tracked as CVE-2024-36349 (3.8), CVE-2024-36348 (3.8), CVE-2024-36357 (5.6), and CVE-2024-36350 (5.6). Together, they can be used in a so-called Transient Scheduler Attack (TSA), a side-channel, or timing-based, attack that likely exploits transient scheduling decisions made by the CPU scheduler to leak information.
Since this is a side-channel attack that results in information disclosure, it is similar to the infamous Meltdown and Spectre flaws which dominated the security scene for months.
Updating the systems
Separately, the vulnerabilities were given relatively low severity scores, since the devices need to be compromised in advance, either by physical presence, or through malware, before they can be leveraged.
Furthermore, the TSA would need to be executed many times before any meaningful data could be extracted.
Here is how a theoretical attack would occur: A CPU expects load instructions to complete rather quickly. However, if there is a condition that prevents them from doing so, a “false completion” happens. Since the load didn’t complete, the data from the load is forwarded to dependent operations, affecting the timing of the instructions the CPU executes - something the attackers can observe.
The worst-case scenario is AMD chips leaking OS kernel information - but other applications or VMs could leak data as well.
A patch is already available, and AMD advised system admins to update to the latest Windows versions as soon as possible.
Those who are unable to install the patch quickly can implement a workaround involving a VERW instruction, but AMD has advised against it since it could reduce the performance of the system. In any case, the details about the mitigation can be found here.
The full list of all affected chips, including EPYC, Ryzen, Instinct, Athlon, and others, can be found in AMD’s advisory.
Via The Register