AMD admits Zen 3 processors are vulnerable to Spectre-like side-channel attack

An AMD Ryzen Processor
(Image credit: Future)

AMD has admitted that Zen 3 processors, such as the Ryzen 5000 CPU series, are vulnerable to a side-channel exploit that’s similar to the Spectre flaw that previously impacted a number of Intel processors

The vulnerability relates to a new feature AMD introduced with Zen 3 called Predictive Store Forwarding (PSF), which is hardware-based micro-architectural optimization designed to improve the performance of code execution by predicting dependencies between loads and stores.

"In typical code, PSF provides a performance benefit by speculating on the load result and allowing later instructions to begin execution sooner than they otherwise would be able to," AMD explains.

While most of the time PSF predictions are calculated accurately, occasionally it may not be as accurate as it should. When a bad PSF speculation occurs, Zen 3-based processors can be targeted by side-channel attacks.

AMD explained two scenarios where an incorrect PSF prediction can occur: "First, it is possible that the store/load pair had a dependency for a while but later stops having a dependency. This can occur if the address of either the store or load changes during the execution of the program," it said.

"The second source of incorrect PSF predictions can occur if there is an alias in the PSF predictor structure. The PSF predictor is designed to track stores/load pairs based on portions of their RIP. 

"It is possible that a store/load pair which does have a dependency may alias in the predictor with another store/load pair which does not. This may result in incorrect speculation when the second store/load pair is executed."

AMD has provided instructions on how to disable PSF as this feature comes enabled by default on Zen 3 processors, and the company has also proposed a Linux patch to enable/disable the functionality. AMD has yet to confirm whether a Windows patch is in the works. 

However, AMD says that it has not yet seen any real-world attacks taking advantage of PSF, so it's recommending that customers leave the feature enabled for now. This is likely because disabling PSF could result in a performance hit. 

Via: KitGuru

TOPICS
Carly Page

Carly Page is a Freelance journalist, copywriter and editor specialising in Consumer/B2B technology. She has written for a range of titles including Computer Shopper, Expert Reviews, IT Pro, the Metro, PC Pro, TechRadar and Tes. 

Read more
AMD logo
AMD patches high severity security flaw affecting Zen chips
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
AMD Ryzen 5 7600X processor
AMD confirms processor security flaws after Asus patch slips out early
An abstract image of a lock against a digital background, denoting cybersecurity.
Apple CPU security issue could let hackers steal user data from browsers
Security
Intel slams Nvidia and AMD, claims chip giants have huge numbers of security flaws
AMD Ryzen 5 2500X
AMD’s Ryzen 9 9950X3D CPU could be on sale soon – but I’m still worried about the price
Latest in CPU
The main battle pass characters in Fortnite Lawless, including Midas, Sub Zero and a large wolf-man
You'll finally be able to play Fortnite on Windows 11 Arm-powered laptops as Epic Games partners with Qualcomm
Ryzen 9000 promotional material
AMD's most powerful processor ever actually runs better on Windows 10 than Windows 11
An AMD Ryzen 9 9950X3D on its retail packaging
I've reviewed three generations of 3D V-cache processors, and the AMD Ryzen 9 9950X3D is the best there is
AMD Ryzen 9000 3D chips
AMD officially announces price and release date for Ryzen 9 9900X3D and 9950X3D processors
A chip wafer manufactured at Intel Foundry
Can 18A save Intel from being devoured by its rivals – and Wall Street?
A stock photo of a man saying 'no thank you' to a gift box bearing the AMD Ryzen logo.
I'm tired of waiting for AMD's entry-level Ryzen 9000 series chips
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over