If you own an AMD chip built with the Zen 2 architecture, be on the lookout for an important patch in the coming months. A security researcher discovered a flaw in AMD’s CPUs that can be exploited to steal passwords and encryption keys from a PC.
The finding comes from Tavis Ormandy, a security researcher at Google, who warns the vulnerability affects all Zen 2 CPUs, which span both desktop and laptop chips largely in the Ryzen 3000 and 4000 line, in addition to Epyc "Rome" processors.
By abusing the flaw, a hacker can trigger a Zen 2 CPU to leak normally protected data, which can include sensitive details. “The attack can even be carried out remotely through JavaScript on a website, meaning that the attacker need not have physical access to the computer or server,” adds internet backbone provider Cloudflare.
Ormandy discovered the problem while “fuzzing” the AMD processors, which essentially involves trying to get the chips to crash by bombarding them with invalid instructions. The Zenbleed vulnerability specifically affects the register file for the CPUs, which stores information to complete operations.
“This attack works by manipulating register files to force a mispredicted command,” Cloudflare says. “Since the register file is shared by all the processes running on the same physical core, this exploit can be used to eavesdrop on even the most fundamental system operations by monitoring the data being transferred between the CPU and the rest of the computer.”
In his own write-up, Ormandy adds: “The bug works like this, first of all you need to trigger something called the XMM Register Merge Optimization, followed by a register rename
Read more on pcmag.com