Security flaw means AMD Zen CPUs can be "jailbroken"

  • Google's researchers found a vulnerability in AMD Zen 1 - 4 chips
  • It allows anyone to push microcode updates, even malicious ones
  • The bug requires high privilege level in advance

AMD processors, from Zen 1 all the way to Zen 4, are carrying a major vulnerability that allows threat actors to push microcode updates on affected chips.

This is according to researchers from Google, who also released a tool to install the updates, or “jailbreak” the device.

Google’s researchers called the vulnerability “EntrySign”. They explained that it stems from the way AMD uses AES-CMAC as a hash function in its signature verification process, which is a cryptographic error: CMAC is designed as a message authentication code, not as a hash function. The vulnerability is tracked as CVE-2024-56161 and was given a severity score of 7.2/10 (high).

Zentool

The researchers also found AMD was using a published example key from NIST documentation all this time, which helped them forge signatures and install any updates to the microcode they saw fit. In theory, a threat actor could abuse the vulnerability to bypass security mechanisms and trigger information leakage.

In practice, however, it’s a lot more difficult than that. The attackers would need to have local admin privileges beforehand, which is difficult enough on its own. Furthermore, the attacks would only persist until the next system reboot.

In any case, Google released an open source tool called ‘zentool’, which allows security researchers (and, unfortunately, threat actors) to drop custom microcode patches.

It consists of tools for microcode patch examination (including limited disassembly), microcode patch authoring, signing, and loading. The researchers said they’re planning on releasing details on how to decrypt and encrypt microcode patches in the future, as well. “A significant portion of the ongoing research is focused on building an accurate understanding of the AMD microcode instruction set – the current disassembly and assembly are not always accurate due to this challenge,” the report stated.

AMD has released BIOS updates to address this vulnerability, so if you fear you might be targeted, make sure to update your systems to versions dated December 17, 2024, or later.
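To apply that guidance across a Linux fleet, the following added example (not from the article, Google or AMD) flags hosts with an affected CPU whose BIOS date predates December 17, 2024. It assumes Zen 1 to Zen 4 parts report CPU family 23 or 25 in `/proc/cpuinfo` and that the BIOS date is exposed at `/sys/class/dmi/id/bios_date`; the sample input is constructed.

```python
import re
from datetime import date

# Assumption (not from the article): Zen 1-4 parts report CPUID family
# 0x17 (23) or 0x19 (25) in /proc/cpuinfo.
AFFECTED_FAMILIES = {23, 25}
# From the article: BIOS versions dated December 17, 2024, or later.
FIXED_BIOS_DATE = date(2024, 12, 17)

def parse_cpuinfo(text):
    """Return (vendor_id, cpu family) of the first processor entry."""
    vendor = re.search(r"^vendor_id\s*:\s*(\S+)", text, re.M)
    family = re.search(r"^cpu family\s*:\s*(\d+)", text, re.M)
    return (vendor.group(1) if vendor else None,
            int(family.group(1)) if family else None)

def parse_bios_date(text):
    """Parse a DMI BIOS date (MM/DD/YYYY); None if missing or malformed."""
    m = re.fullmatch(r"(\d{2})/(\d{2})/(\d{4})", text.strip())
    if not m:
        return None
    month, day, year = map(int, m.groups())
    try:
        return date(year, month, day)
    except ValueError:  # e.g. 13/40/2024 from a buggy firmware string
        return None

def assess(cpuinfo_text, bios_date_text):
    """Classify a host: unknown, not-affected, needs-update, or updated."""
    vendor, family = parse_cpuinfo(cpuinfo_text)
    if vendor is None or family is None:
        return "unknown"
    if vendor != "AuthenticAMD" or family not in AFFECTED_FAMILIES:
        return "not-affected"
    bios = parse_bios_date(bios_date_text)
    if bios is None:
        return "unknown"
    return "updated" if bios >= FIXED_BIOS_DATE else "needs-update"

# Constructed sample input (not taken from a real machine).
SAMPLE_CPUINFO = "processor\t: 0\nvendor_id\t: AuthenticAMD\ncpu family\t: 25\n"

if __name__ == "__main__":
    print("sample, old BIOS:", assess(SAMPLE_CPUINFO, "11/02/2023\n"))
    try:  # Linux paths; the DMI file may be unreadable in containers
        with open("/proc/cpuinfo") as c, open("/sys/class/dmi/id/bios_date") as b:
            print("this host:", assess(c.read(), b.read()))
    except OSError as err:
        print("this host: unknown", err)
```

The BIOS date is only a proxy for the firmware level; the board vendor's release notes for the installed version remain the authoritative check.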

Via Tom's Hardware

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
