Zero day flaw ‘Zenbleed’ in AMD Zen 2 Ryzen 3000, EPYC CPUs can leak your enterprise data


The dangers posed by cybersecurity continue to advance, and processors are not exempt from this trend. CVE-2023-20593 is a severe security issue that affects AMD’s Zen2 class CPUs. It was discovered not too long ago and has been making news ever since. Because of this vulnerability, an attacker is able to spy on the registers of other processes without needing to make any system calls or have any special permissions.

The vector register file (RF), which is a resource that is shared across all jobs running on a physical core, is the primary contributor to the vulnerability. The registration allocation table, often known as the RAT, is in charge of mapping and allocating radio frequency (RF) resources to registered names. The fact that zero-value registers do not need any RF space makes this design one of a kind; all that is required is a flag in the RAT that is referred to as the z-bit. The CVE-2023-20593 vulnerability, often known as “zenbleed,” occurs when the z-bit is set speculatively, which implies that it cannot be unset upon branch misprediction. This leaves the system vulnerable to attacks. The use-after-free (UaF) scenario is the source of the security risk; it was caused when the previously allotted (RF) space may have been reallocated in the time period between these two actions.

Within the context of this problem, Tavis Ormandy, who works for Google Information Security, made a significant discovery. He came to the conclusion that this UaF scenario may in fact take place under extremely certain circumstances. Among them are a mispredicted VZEROUPPER instruction concurrently entering the FP backend, a register renaming, and an instruction that uses merge optimization. The effect that this error has in the actual world is significant.

It gives malicious actors the ability to snoop on the registers of other processes without requiring them to make any system calls or have any special capabilities. In addition to this, it may operate in several virtual machines at the same time and has an effect on every operating system, making it a very widespread danger. This technique is CVE-2023-20593 and it works on all Zen 2 class processors, which includes at least the following products:

  • AMD Ryzen 3000 Series Processors
  • AMD Ryzen PRO 3000 Series Processors
  • AMD Ryzen Threadripper 3000 Series Processors
  • AMD Ryzen 4000 Series Processors with Radeon Graphics
  • AMD Ryzen PRO 4000 Series Processors
  • AMD Ryzen 5000 Series Processors with Radeon Graphics
  • AMD Ryzen 7020 Series Processors with Radeon Graphics
  • AMD EPYC “Rome” Processors



Source link