• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Meltdown-like Vulnerability Affects AMD Zen+ and Zen2 Processors

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,233 (7.55/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
Cybersecurity researchers Saidgani Musaev and Christof Fetzer with the Dresden Technology University discovered a novel method of forcing illegal data-flow between microarchitectural elements on AMD processors based on the "Zen+" and "Zen 2" microarchitectures, titled "Transient Execution of Non-canonical Accesses." The method was discovered in October 2020, but the researchers followed responsible-disclosure norms, giving AMD time to address the vulnerability and develop a mitigation. The vulnerability is chronicled under CVE-2020-12965 and AMD Security Bulletin ID "AMD-SB-1010."

The one-line summary of this vulnerability from AMD reads: "When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits, potentially resulting in data leakage." The researchers studied this vulnerability on three processors, namely the EPYC 7262 based on "Zen 2," and Ryzen 7 2700X and Ryzen Threadripper 2990WX, based on "Zen+." They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw." AMD is the subject of the paper as AMD "Zen+" (and later) processors are immune to MDS as demonstrated on Intel processors. AMD developed a mitigation for the vulnerability, which includes ways of patching vulnerable software.

Find the security research paper here (PDF), and the AMD security bulletin here. AMD's mitigation blueprint can be accessed here.



View at TechPowerUp Main Site
 
Joined
Oct 16, 2014
Messages
671 (0.18/day)
System Name Work in progress
Processor AMD Ryzen 5 3600
Motherboard Asus PRIME B350M-A
Cooling Wraith Stealth Cooler, 4x140mm Noctua NF-A14 FLX 1200RPM Case Fans
Memory Corsair 16GB (2x8GB) CMK16GX4M2A2400C14R DDR4 2400MHz Vengeance LPX DIMM
Video Card(s) GTX 1050 2GB (for now) 3060 12GB on order
Storage Samsung 860 EVO 500GB, Lots of HDD storage
Display(s) 32 inch 4K LG, 55 & 48 inch LG OLED, 40 inch Panasonic LED LCD
Case Cooler Master Silencio S400
Audio Device(s) Sound: LG Monitor Built-in speakers (currently), Mike: Marantz MaZ
Power Supply Corsair CS550M 550W ATX Power Supply, 80+ Gold Certified, Semi-Modular Design
Mouse Logitech M280
Keyboard Logitech Wireless Solar Keyboard K750R (works best in summer)
VR HMD none
Software Microsoft Windows 10 Home 64bit OEM, Captur 1 21
Benchmark Scores Cinebench R20: 3508 (WIP)
They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw."
Crickets chirping ..................... Usual negative comments from Intel enthusiasts strangely lacking? :D

BTW my signature block was in no way influenced by the Ryzen logo above. I have been interested in black holes and neutron stars for about 50 years. I got a major site, much bigger than TPU, to stop referring to the EHT image as a photograph (others helped). Andy may have a different opinion.
 
Last edited:
Joined
Feb 3, 2017
Messages
3,749 (1.32/day)
Processor Ryzen 7800X3D
Motherboard ROG STRIX B650E-F GAMING WIFI
Memory 2x16GB G.Skill Flare X5 DDR5-6000 CL36 (F5-6000J3636F16GX2-FX5)
Video Card(s) INNO3D GeForce RTX™ 4070 Ti SUPER TWIN X2
Storage 2TB Samsung 980 PRO, 4TB WD Black SN850X
Display(s) 42" LG C2 OLED, 27" ASUS PG279Q
Case Thermaltake Core P5
Power Supply Fractal Design Ion+ Platinum 760W
Mouse Corsair Dark Core RGB Pro SE
Keyboard Corsair K100 RGB
VR HMD HTC Vive Cosmos
They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw."
Who, where? Sounds like they simply mean MDS vulnerabilities.
The only place research paper mentions Intel at all is this part in the introduction:
While Spectre-type attack targets wide families of CPUs from different vendors, Meltdown-type attacks were targeting mostly Intel CPUs.
The predominant focus of previous research on Intel may mean that other vendors’ CPUs were not investigated as thoroughly and may still have undiscovered microarchitectural vulnerabilities.

Edit:
I was wrong about Intel not being mentioned. The search does not work properly in the PDF. Found the source of that sentence:
Page 4 said:
All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here. We tested one MDS-resistant Intel(R) Core(TM) i7-10510U, and we did not detect such a flaw.
 
Last edited:
Joined
Jul 21, 2016
Messages
144 (0.05/day)
Processor AMD Ryzen 5 5600
Motherboard MSI B450 Tomahawk
Cooling Alpenföhn Brocken 3 140mm
Memory Patriot Viper 4 - DDR4 3400 MHz 2x8 GB
Video Card(s) Radeon RX460 2 GB
Storage Samsung 970 EVO PLUS 500, Samsung 860 500 GB, 2x Western Digital RED 4 TB
Display(s) Dell UltraSharp U2312HM
Case be quiet! Pure Base 500 + Noiseblocker NB-eLoop B12 + 2x ARCTIC P14
Audio Device(s) Creative Sound Blaster ZxR,
Power Supply Seasonic Focus GX-650
Mouse Logitech G305
Keyboard Lenovo USB
In this case what do endusers need to do to be protected?

For example, i have an MSI B450 Tomahawk (latest stable bios is from last july based on AGESA ComboAm4PI 1.0.0.6) with a Ryzen 3600x, with the latest chipset driver and win10 is kept up-to-date.
 
Joined
Apr 26, 2009
Messages
517 (0.09/day)
Location
You are here.
System Name Prometheus
Processor Intel i7 14700K
Motherboard ASUS ROG STRIX B760-I
Cooling Noctua NH-D12L
Memory Corsair 32GB DDR5-7200
Video Card(s) MSI RTX 4070Ti Ventus 3X OC 12GB
Storage WD Black SN850 1TB
Display(s) DELL U4320Q 4K
Case SSUPD Meshroom D Fossil Gray
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Razer Orochi V2
Keyboard Nuphy Air75 V2 White
Software Windows 11 Pro x64
And as usual, AMD sweeps things under the rug, shifting the responsibility to the software developers:

Mitigation​

AMD recommends that SW vendors analyze their code for any potential vulnerabilities related to this type of transient execution. Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques.
 
Joined
Aug 20, 2007
Messages
21,453 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
And as usual, AMD sweeps things under the rug, shifting the responsibility to the software developers:
They haven't issued correcting microcode as well?

AFAIK this is also Intels advice, but they couple it with mitigating microcode.
 
Joined
Feb 11, 2020
Messages
248 (0.14/day)
Going by the title, both Zen1 and Zen3 don't have the vulnerability. That would make it a regression that's already been corrected.
 
Joined
Feb 15, 2019
Messages
1,658 (0.79/day)
System Name Personal Gaming Rig
Processor Ryzen 7800X3D
Motherboard MSI X670E Carbon
Cooling MO-RA 3 420
Memory 32GB 6000MHz
Video Card(s) RTX 4090 ICHILL FROSTBITE ULTRA
Storage 4x 2TB Nvme
Display(s) Samsung G8 OLED
Case Silverstone FT04
So it is hardware fixed in Zen3 ?
 
Joined
Apr 26, 2009
Messages
517 (0.09/day)
Location
You are here.
System Name Prometheus
Processor Intel i7 14700K
Motherboard ASUS ROG STRIX B760-I
Cooling Noctua NH-D12L
Memory Corsair 32GB DDR5-7200
Video Card(s) MSI RTX 4070Ti Ventus 3X OC 12GB
Storage WD Black SN850 1TB
Display(s) DELL U4320Q 4K
Case SSUPD Meshroom D Fossil Gray
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Razer Orochi V2
Keyboard Nuphy Air75 V2 White
Software Windows 11 Pro x64
They haven't issued correcting microcode as well?

No, and it won't ever be addressed, other than that 8-page PDF showing a few assembler code snippets that software developers should look out for.

Consider some small piece of code written in a high level language, let's say the Fibonacci sequence, that's going to be about 8 lines of code. In assembler that's going to translate to at least 40 lines of code. Now apply some scale economics and think of a 1 to 5 million line project. That's not a small project, but it's not necessarily a huge one either. For example, an old version of Photoshop, CS6, has about 4.5 million lines of code. In assembler, that would be at least 25 million lines of code. And this is probably undercutting it by a fair amount.

AMD says good luck with that.
 
Joined
Jul 5, 2013
Messages
27,734 (6.67/day)
After having read the data sheet pdf, it seems clear to me this is a minor vulnerability which is why AMD classified it as "Medium" severity. The reason is detailed in the pdf. The vulnerability is present, but difficult to use for data capture, requires a perfect storm of conditions(including attacker physical presence, remote attacks are extremely unlikely) and even if successful will yield only that data which is present in the CPU L2/L3 at the time of execution. This is almost nothing-sauce.

AFAIK this is also Intels advice, but they couple it with mitigating microcode.
Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques as described in [2].
No microcode updates are needed as existing mitigations are easily adapted to resolve the problem.
 
Last edited:
Joined
Jun 12, 2020
Messages
66 (0.04/day)
Processor AMD Ryzen 9 9950X
Motherboard Asus ROG Strix B650E-E Gaming Wifi bios 3040 w/Agesa 1.2.0.2
Cooling Thermalright Phantom Spirit 120
Memory 64 GB Kingston FURY Beast DDR5-6000 CL30 - 2x32 GB
Video Card(s) ASRock Radeon RX 7900 XTX Phantom Gaming OC
Storage 1 x WD Black SN850 1TB, 1 x Samsung 990 PRO 2TB, 2 x Samsung 860 1TB, 1 x Segate 16TB HDD
Display(s) Dell G3223Q 4K UHD
Case NZXT H7 Flow (2024) - All Black
Audio Device(s) ROG SupremeFX 7.1 Surround Sound High Definition Audio CODEC ALC4080
Power Supply Thermalright TP 1000 Watt
Mouse Razer DeathAdder v3.0 PRO
Keyboard Razer BlackWidow V4
Software Windows 11 PRO 24H2 build 26100.1882
It's funny ... whenever a new Intel release is approaching we get all these ... AMD is bad AMD is insecure AMD is trash Intel wrecks AMD in 1 test and so on.
I wonder where it's all coming from? and why reporters are eating it raw.
 
Joined
Apr 26, 2009
Messages
517 (0.09/day)
Location
You are here.
System Name Prometheus
Processor Intel i7 14700K
Motherboard ASUS ROG STRIX B760-I
Cooling Noctua NH-D12L
Memory Corsair 32GB DDR5-7200
Video Card(s) MSI RTX 4070Ti Ventus 3X OC 12GB
Storage WD Black SN850 1TB
Display(s) DELL U4320Q 4K
Case SSUPD Meshroom D Fossil Gray
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Razer Orochi V2
Keyboard Nuphy Air75 V2 White
Software Windows 11 Pro x64
AMD publicly disclosed the vulnerability this month. It has nothing to do with Intel's new releases calendar.
 
Joined
Feb 21, 2006
Messages
2,221 (0.32/day)
Location
Toronto, Ontario
System Name The Expanse
Processor AMD Ryzen 7 5800X3D
Motherboard Asus Prime X570-Pro BIOS 5013 AM4 AGESA V2 PI 1.2.0.Cc.
Cooling Corsair H150i Pro
Memory 32GB GSkill Trident RGB DDR4-3200 14-14-14-34-1T (B-Die)
Video Card(s) XFX Radeon RX 7900 XTX Magnetic Air (24.10.1)
Storage WD SN850X 2TB / Corsair MP600 1TB / Samsung 860Evo 1TB x2 Raid 0 / Asus NAS AS1004T V2 20TB
Display(s) LG 34GP83A-B 34 Inch 21: 9 UltraGear Curved QHD (3440 x 1440) 1ms Nano IPS 160Hz
Case Fractal Design Meshify S2
Audio Device(s) Creative X-Fi + Logitech Z-5500 + HS80 Wireless
Power Supply Corsair AX850 Titanium
Mouse Corsair Dark Core RGB SE
Keyboard Corsair K100
Software Windows 10 Pro x64 22H2
Benchmark Scores 3800X https://valid.x86.fr/1zr4a5 5800X https://valid.x86.fr/2dey9c 5800X3D https://valid.x86.fr/b7d
Glad i'm on Zen 3 and ya that title certainly needs work.
 
Joined
Jun 3, 2010
Messages
2,540 (0.48/day)
It's funny ... whenever a new Intel release is approaching we get all these ... AMD is bad AMD is insecure AMD is trash Intel wrecks AMD in 1 test and so on.
I wonder where it's all coming from? and why reporters are eating it raw.
That is what they have got to do, if they step out of line it is over for them. Decency is the last thing reported.
 
Joined
Jul 9, 2015
Messages
3,413 (1.00/day)
System Name M3401 notebook
Processor 5600H
Motherboard NA
Memory 16GB
Video Card(s) 3050
Storage 500GB SSD
Display(s) 14" OLED screen of the laptop
Software Windows 10
Benchmark Scores 3050 scores good 15-20% lower than average, despite ASUS's claims that it has uber cooling.
"Meltdown like" as in "kinda vulnerability, but not even remotely as bad as Meltdown".

That's some advanced usage of the word "like"... :D

It has nothing to do with Intel's new releases calendar.
AMD release does not.
Misleading article title, on the other hand... :peace:
 
Joined
Aug 20, 2007
Messages
21,453 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
No microcode updates are needed as existing mitigations are easily adapted to resolve the problem.
That's not intel's take, nor mine. Software doesn't recompile itself. Disappointing this is AMDs philosophy.
 
Joined
Apr 15, 2021
Messages
881 (0.67/day)
In the eyes of these companies, you're just a toilet bug that they're profiting off of. When it comes to making money and cutting costs, they all behave the same way. When it comes down to it, its more of a personal preference of which you're able/willing to tolerate. :laugh:

P.S.: Can we get a "toilet bug" emoji? :laugh:
 
Joined
May 13, 2015
Messages
632 (0.18/day)
Processor AMD Ryzen 3800X / AMD 8350
Motherboard ASRock X570 Phantom Gaming X / Gigabyte 990FXA-UD5 Revision 3.0
Cooling Stock / Corsair H100
Memory 32GB / 24GB
Video Card(s) Sapphire RX 6800 / AMD Radeon 290X (Toggling until 6950XT)
Storage C:\ 1TB SSD, D:\ RAID-1 1TB SSD, 2x4TB-RAID-1
Display(s) Samsung U32E850R
Case be quiet! Dark Base Pro 900 Black rev. 2 / Fractal Design
Audio Device(s) Creative Sound Blaster X-Fi
Power Supply EVGA Supernova 1300G2 / EVGA Supernova 850G+
Mouse Logitech M-U0007
Keyboard Logitech G110 / Logitech G110
Don't you just love that misinforming article title?
Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
 
Joined
Aug 20, 2007
Messages
21,453 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Um, ok. You read the whitepaper pdf then?
Yeah, I glanced at it but this really isn't technical to understand. I disagree with AMDs approach to remedy this. You'd need to hope all software is "spectre-vulnerability ready." That is not realistic to expect in a closed source ecosystem like windows.

Anything that purely shifts the blame to the vendor of the software like this is as good as nothing, it's passing the buck, and that's all.
 
Last edited:
Joined
Apr 15, 2021
Messages
881 (0.67/day)
Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
Yeah, looks like we have ourselves a set of butt cheeks in front of us with some security business to attend to. One cheek is stamped with Intel, and the other AMD. You can never go wrong regardless of which one we kick, but if we kick the same one too much, for some reason it just gets bigger with all the swelling and the pair end up being out of proportion. Both Intel & AMD need to be addressing security issues given how ubiquitous this stuff is throughout the industries.
 
Joined
Jul 5, 2013
Messages
27,734 (6.67/day)
Yeah, I glanced at it but this really isn't technical to understand. I disagree with AMDs approach to remedy this. You'd need to hope all software is "spectre-vulnerability ready." That is not realistic to expect in a closed source ecosystem like windows.

Anything that purely shifts the blame to the vendor of the software like this is as good as nothing, it's passing the buck, and that's all.
I think you might be misunderstanding this situation. AMD isn't passing the buck, they are saving time and money for everyone. The mitigation for this vulnerability is just a minor, easily made, change to existing mitigations. As I said, it's almost nothing-sauce.

Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
On page 4, section 5 of the pdf, the researchers clearly define the Intel side of things by stating:
We also tested Intel CPUs for such behaviour. All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here.
They did not elaborate further as existing meltdown mitigations are very likely to solve the problem. While this was not stated(and yes it should have been), it was implied.
 
Joined
Feb 3, 2017
Messages
3,749 (1.32/day)
Processor Ryzen 7800X3D
Motherboard ROG STRIX B650E-F GAMING WIFI
Memory 2x16GB G.Skill Flare X5 DDR5-6000 CL36 (F5-6000J3636F16GX2-FX5)
Video Card(s) INNO3D GeForce RTX™ 4070 Ti SUPER TWIN X2
Storage 2TB Samsung 980 PRO, 4TB WD Black SN850X
Display(s) 42" LG C2 OLED, 27" ASUS PG279Q
Case Thermaltake Core P5
Power Supply Fractal Design Ion+ Platinum 760W
Mouse Corsair Dark Core RGB Pro SE
Keyboard Corsair K100 RGB
VR HMD HTC Vive Cosmos
They did not elaborate further as existing meltdown mitigations are very likely to solve the problem. While this was not stated(and yes it should have been), it was implied.
They did elaborate further and MDS mitigations seem to work against it:
All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here. We tested one MDS-resistant Intel(R) Core(TM) i7-10510U, and we did not detect such a flaw.
 
Top