Earlier this year, two hardware exploits affecting CPUs made headlines after being discovered by security researchers. Spectre, difficult to exploit but also difficult to mitigate, affects nearly every high-performance processor. Meltdown, which allows attackers to access data that's supposed to be inaccessible, affects primarily CPUs from Intel (NASDAQ:INTC).
While chips from Advanced Micro Devices (NASDAQ:AMD) are affected by Spectre, Intel took the brunt of the negative press related to these exploits, and the fixes have a negative impact on performance of Intel's chips in some cases. The timing couldn't have been better for AMD, with the company aiming to win market share with its Ryzen PC CPUs and EPYC server CPUs after a long period of playing second fiddle to Intel.
That task may have gotten more difficult this week. On Tuesday, security research firm CTS Labs announced that it had found multiple security vulnerabilities and manufacturer backdoors in AMD's Ryzen and EPYC processors. AMD was notified in advance, but was given just 24 hours of notice, far less than the typical period of 90 days. AMD is "actively investigating and analyzing" the firm's findings.
Four classes of vulnerabilities
CTS Labs described four different classes of vulnerabilities on a website dedicated to the exploits: Ryzenfall, Masterkey, Fallout, and Chimera. Ryzen workstation, Ryzen Pro, Ryzen Mobile, and EPYC server chips are all affected by one or more of these exploits, according to CTS Labs. (AnandTech has a write-up that goes into detail on how each exploit works.)
Given how short a period CTS Labs gave AMD before going public with these exploits, some skepticism isn't unwarranted. "This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings," AMD wrote on a webpage addressing the issue.
However, at least one other security company has confirmed that these exploits work as advertised. Trail of Bits, a New York-based cybersecurity firm, has spent a week reviewing CTS Labs' findings. Speaking to Reuters, Trail of Bits CEO Dan Guido confirmed that the company had verified the findings. "These are real security issues in AMD code and processors," Guido said.
Masterkey, Ryzenfall, and Fallout could take months for AMD to fix, while Chimera cannot be fixed and requires a potentially difficult and side-effect-inducing workaround, according to CTS Labs.
AMD was given a gift with the Spectre and Meltdown news. With Intel having a near-monopoly in the server chip market, AMD's efforts to reassert itself with EPYC certainly got a boost from news that Intel products were affected to a greater degree than AMD products. These new exploits, specific to AMD and potentially serious, could deal a blow to AMD's efforts to win back market share with EPYC.
It may be days or weeks before AMD has a substantial update on these exploits, given that it only recently learned about them. At this point, the seriousness of these exploits is not entirely clear. Taken at face value, CTS Labs' claims paint a dire picture. But given the strange circumstances around the announcement, there's always the chance it's over-hyping its findings.
Regardless, this is bad news for AMD at a critical time for the company.