Coming on the heels of recent news that there is an unfixable vulnerability in Intel processors from the last five years, security researchers have identified a vulnerability in AMD processors from the last nine years as well.
A paper by researchers from the Graz University of Technology, first reported on by Tom’s Hardware, describes two attacks, Collide+Probe and Load+Reload, which are a subset of the “Take A Way” vulnerability and are based on a Spectre attack. The vulnerability is found in all AMD processors released between 2011 and 2019, including the Zen microarchitecture.
“We reverse-engineered AMD’s L1D cache way predictor in microarchitectures from 2011 to 2019, resulting in two new attack techniques,” the researchers wrote in the paper. “With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core. With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last-level-cache evictions.”
Fixes may compromise performance
There is some controversy around the findings of this paper, as the acknowledgments section includes a mention of funding from Intel, first spotted by Hardware Unboxed: “Additional funding was provided by generous gifts from Intel.” This is not unusual in academic research, however, and the lead author responded on Twitter that he discloses the funding Intel provides to some of his students on all of his papers.