AMD processors from as early as 2011 to 2019 carry previously undisclosed vulnerabilities that open them to two new different side-channel attacks, according to a freshly published research.
Known as “Take A Way,” the new potential attack vectors leverage the L1 data (L1D) cache way predictor in AMD’s Bulldozer microarchitecture to leak sensitive data from the processors and compromise the security by recovering the secret key used during encryption.
The research was published by a group of academics from the Graz University of Technology and Research Institute of Computer Science and Random Systems (IRISA), who responsibly disclosed the vulnerabilities to AMD back in August 2019.
“We are aware of a new white paper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way,” AMD said in an advisory posted on its website over the weekend.
“The researchers then pair this data path with known and mitigated software or speculative execution side-channel vulnerabilities. AMD believes these are not new speculation-based attacks.”
While the notification doesn’t go into…
http://feedproxy.google.com/~r/TheHackersNews/~3/ReRmA2cRfJQ/amd-processors-vulnerability.html