Image: AMD

It was only a matter of time before security vulnerabilities started appearing for AMD processors.

Graz University of Technology researchers have discovered two new side-channel attacks – “Collide+Probe” and “Load+Reload” – that affect AMD CPUs from 2011 to 2019. These would include recent Zen products such as the Threadripper 2970WX (Zen+), Ryzen 7 3700X (Zen 2), and EPYC 7571 (Zen).

Image: Graz University

Both vulnerabilities involve AMD’s L1D cache way predictor, which enhances performance and reduces power consumption by managing how cached data is handled within memory. They could allow attackers with physical access to steal sensitive data.

Collide+Probe lets an attacker “monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core,” while Load+Reload exploits “the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core,” the researchers explained.

Some readers have pointed out that this research was funded by Intel: “Additional funding was provided by generous gifts from Intel. Any opinions, findings, and conclusions or recommendations expressed in this paper are those of the authors and do not necessarily reflect the views of the funding parties,” reads a passage in the Acknowledgments section.

The findings seem to be pretty legit, however. Daniel Gruss, one of the lead researchers, says this is par for the course.

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.

Join the Conversation

7 Comments

  1. [QUOTE=”Brian_B, post: 10865, member: 96″]
    I was wondering how long AMDs seeming immunity would last
    [/QUOTE]

    Whats great is this is already corrected in zen 2. But yea thats a ding.

  2. Correction zen 2+ I guess. Ryzen 9 and the new thread rippers and presumably. New epyc cpu’s are fine. Also… Notice something else here. All of the recent Intel vulnerabilities had a CVE associated with them. I’m curious as to why this one doesn’t.

  3. What’s the over/under on the next one being Collaborate+Listen? I suppose if they can put a stop to it…

Leave a comment