While tech companies do their best to catch and patch vulnerabilities in consumer tech before they can reach the public, one can occasionally slip through, necessitating a swift security response. This is the situation that AMD has found itself in with the discovery of a new, potentially dangerous vulnerability.
According to Google Information Security researcher Tavis Ormandy, a vulnerability has been uncovered in AMD processors that could, in theory, permit a bad actor remote access to a user’s system, allowing them to covertly steal data and sow chaos.
Specifically, the vulnerability has been found in AMD’s Zen 2 processor line: which includes the 3,000, 4,000, 5,000, and 7,020 series Ryzen and Ryzen Pro processors, as well as the EPYC data center processors.
Several hours after Ormandy’s discovery was made public this morning, AMD rolled out a patch for EPYC 7002 ‘Rome’ processors. However, patches for the aforementioned Ryzen processors are still in the works, and may remain as such for several months.
The ‘Zenbleed’ vulnerability
The exploit uncovered by Ormandy, nicknamed “Zenbleed,” effectively allows a hacker to slip a small chunk of code into a user’s AMD processor in certain situations, creating a backdoor through which data can be stolen.
“Under specific microarchitectural circumstances, a register in ‘Zen 2’ CPUs may not be written to 0 correctly,” AMD explained in a statement to Tom’s Hardware. “This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information.”
In a separate statement, Ormandy provided a more detailed description of how the vulnerability works and its potential dangers. “First of all you need to trigger something called the XMM Register Merge Optimization, followed by a register rename and a mispredicted vzeroupper. This all has to happen within a precise window to work … so we can effectively spy on those operations happening anywhere on the system!”
The precise scope of the impact of this vulnerability is not yet known. Many commercial gaming devices like the PlayStation 5, Xbox Series X/S, and Steam Deck employ AMD Zen 2 processors, but it isn’t known if the vulnerability only works on standalone desktops, or if all owners should be concerned.