Post by account_disabled on Jan 29, 2024 9:26:44 GMT
Zenbleed: Everything you need to know about this AMD security bug July 26, 2023by billy16 The latest in a long line of security bugs for CPUs, Zenbleed is yet another one that needs to be fixed. Here's what you need to know. CPU AMD Ryzen 3000. Source: AMD After the release of the Specter and Meltdown CPU exploits in 2018, the computer world has been very vigilant in finding bugs and security flaws in processors, and in the last five years, researchers have found a ton. On July 24, another exploit was publicly disclosed after it was first reported in May. This time, it is specific to the AMD processor, which is built on the Zen 2 architecture and it is called "by name". Zenbled ". Here's everything you need to know about Zenbleed and what it means for the world. How does Zenbleed work? amd ryzen chip Zenbleed is very similar to other hardware security bugs, such as Specter, in that it uses an estimated CPU capacity. To improve performance,
CPUs guess or predict what to do next, and since Specter was first revealed, the world has learned that guesswork can be very dangerous if done wrong. XMM YMM registers Source: Tavis Ormandy Registers in a CPU can hold small amounts of data, usually an instruction, a storage address, or any other small data. The XMM registers on the x86_64 architecture (so any affected Zen 2 processor) can only be used to calculate data, not to memory. This is expanded to 256 bits in case of YMM registers and 512 bits in ZMM registers. In this case, XMM to the lower 128 bits of the total 512 bits of ZMM registers. These registers are extremely useful for many different things, including standard C functions. This vulnerability exploits the performance of guesswork an Country Email List eld misprediction to essentially remove a random piece of data from memory, but that data could be from something . C standard library functions like strlen, which measures the length of a string, can use these registers to transfer data, and it's possible that the password you're using might accidentally fall into one of these registers. Branch prediction and estimated performance broadly indicate that your computer is performing operations that are not needed now, but are likely to be needed in the future. It is usually done at times when your system has free resources because it speeds up overall processing when instructions or data are not otherwise ready for the CPU. If the work being done is not needed
it is usually discarded and the processor can return to the next instruction, right where it is needed. When it does this, it is called branch prediction. Where the problem arises is in the vzeroupper instruction, which zeroes the bits in position 128 and above of the YMM and ZMM registers. This is especially useful when switching between AVX and older SSE code, as it eliminates performance penalties caused by false dependencies, and also avoids an effect similar to integer promotion in C. If the processor executes the vzeroupper instruction tentatively, there is no valid return. However, affected Ryzen processors may be forced to recover from it, albeit incorrectly. Once in this state, the executable program can then spy on the registries in real-time and view data throughout the system at any time. Which CPUs is affected by Zenbleed and when will the patches be available? As previously mentioned, only AMD CPUs based on the Zen 2 architecture are known to be vulnerable to the Zenbleed security flaw, but the Zen 2 architecture enabled CPUs in three series, and it is difficult to understand which CPUs
CPUs guess or predict what to do next, and since Specter was first revealed, the world has learned that guesswork can be very dangerous if done wrong. XMM YMM registers Source: Tavis Ormandy Registers in a CPU can hold small amounts of data, usually an instruction, a storage address, or any other small data. The XMM registers on the x86_64 architecture (so any affected Zen 2 processor) can only be used to calculate data, not to memory. This is expanded to 256 bits in case of YMM registers and 512 bits in ZMM registers. In this case, XMM to the lower 128 bits of the total 512 bits of ZMM registers. These registers are extremely useful for many different things, including standard C functions. This vulnerability exploits the performance of guesswork an Country Email List eld misprediction to essentially remove a random piece of data from memory, but that data could be from something . C standard library functions like strlen, which measures the length of a string, can use these registers to transfer data, and it's possible that the password you're using might accidentally fall into one of these registers. Branch prediction and estimated performance broadly indicate that your computer is performing operations that are not needed now, but are likely to be needed in the future. It is usually done at times when your system has free resources because it speeds up overall processing when instructions or data are not otherwise ready for the CPU. If the work being done is not needed
it is usually discarded and the processor can return to the next instruction, right where it is needed. When it does this, it is called branch prediction. Where the problem arises is in the vzeroupper instruction, which zeroes the bits in position 128 and above of the YMM and ZMM registers. This is especially useful when switching between AVX and older SSE code, as it eliminates performance penalties caused by false dependencies, and also avoids an effect similar to integer promotion in C. If the processor executes the vzeroupper instruction tentatively, there is no valid return. However, affected Ryzen processors may be forced to recover from it, albeit incorrectly. Once in this state, the executable program can then spy on the registries in real-time and view data throughout the system at any time. Which CPUs is affected by Zenbleed and when will the patches be available? As previously mentioned, only AMD CPUs based on the Zen 2 architecture are known to be vulnerable to the Zenbleed security flaw, but the Zen 2 architecture enabled CPUs in three series, and it is difficult to understand which CPUs