AMD Admits Ryzen 5000 CPU Exploit Leave PC Open to Hackers
With Zen 3, the speculative execution feature which is a common feature in modern processors is known as Predictive Store Forwarding (PSF). Essentially its task is to guess which instruction is most likely to be sent next through the use of branch prediction algorithms and fetch that command in anticipation. The aim is to speed up the microprocessor’s output pipeline, but the feature comes with risks.
In the occurrence of a misinterpretation, software such as web browsers that use ‘sandboxing’ can expose your CPU to side-channel attacks.
Sandboxing (isolation) is actually aimed at protecting against threats by placing malicious code on the naughty step and challenging its motivations. However, similar to the Spectre vulnerabilities, possible changes to the cache state in such cases could result in hackers gaining access to portions of one’s personal data.
Due to Spectre and Meltdown vulnerabilities, web browsers don’t tend to rely on isolation processes as much nowadays, but there are still risks that AMD outlines forthrightly.
Under the security analysis section of a publicly accessible AMD report, “A security concern arises if code exists that implements some kind of security control which can be bypassed when the CPU speculates incorrectly. This may occur if a program (such as a web browser) hosts pieces of untrusted code and the untrusted code can influence how the CPU speculates in other regions in a way that results in data leakage.”
“If an attacker is able to run code within a target application, they may be able to influence speculation on other loads within the same application by purposely training the PSF predictor with malicious information.”
However, there is a way to protect yourself from the feature’s potential flaws, which is by simply disabling PSF. However, this is not an option that AMD recommends because it has the potential to stifle performance. In certain cases, Meltdown and Spectre mitigations in Intel CPUs had also led to similar performance limitations.
The tests by Phronix show that turning off the feature only reduces CPU output by 1%. A firmware update could provide a short-term patch for those that are currently affected, but a long-term solution will likely have to come in the form of a change to the architecture itself.