A critical security flaw has been uncovered in AMD’s Zen 2 architecture-based processors, putting sensitive data like encryption keys and passwords at risk of extraction.
Discovered by Google Project Zero researcher Tavis Ormandy, this vulnerability, known as Zenbleed (CVE-2023-20593), enables data exfiltration at a rapid rate of 30 kb per core, per second. It falls within the category of speculative execution attacks, where attackers exploit CPU optimization techniques to access cryptographic keys through CPU registers.
AMD has explained that the vulnerability arises under specific microarchitectural circumstances, leading to a miswritten register in ‘Zen 2’ CPUs. This misconfiguration could potentially store data from other processes or threads in the YMM register, thereby granting unauthorized access to sensitive information.
Cloudflare, a web infrastructure company, highlights that the attack can even be executed remotely using JavaScript on a website, eliminating the need for physical access to the computer or server. This development raises concerns, especially for applications processing large amounts of data, as they become increasingly targeted by malicious actors.
The attack leverages register file manipulation to force a mispredicted command, exploiting the shared nature of the register file among processes on the same physical core. As a result, attackers can eavesdrop on fundamental system operations by monitoring data transfers between the CPU and the rest of the computer.
While there have been no reported instances of the vulnerability being exploited in the wild, it is crucial for users to promptly apply microcode updates offered by original equipment manufacturers (OEMs) to mitigate potential risks. Staying vigilant and ensuring timely updates will be vital in safeguarding systems from potential breaches.
