Tuesday, March 13th 2018

13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors

Security researchers with Israel-based CTS-Labs, have discovered a thirteen security vulnerabilities for systems based on AMD Zen processors. The thirteen new exploits are broadly classified into four groups based on the similarity in function of the processor that they exploit: "Ryzenfall," "Masterkey," "Fallout," and "Chimera."

The researchers "believe that networks that contain AMD computers are at a considerable risk," and that malware can "survive computer reboots and re-installations of the operating system, while remaining virtually undetectable by most endpoint security solutions," such as antivirus software. They also mention that in their opinion, "the basic nature of some of these vulnerabilities amounts to complete disregard of fundamental security principles. This raises concerning questions regarding security practices, auditing, and quality controls at AMD."
Since this story went up some follow ups were posted:1. "Masterkey": This is an exploit of the Secure Boot feature, which checks if nothing has been tampered with on your machine while it was powered down (i.e. changes in firmware, hardware, or the last software state before shutdown). The Masterkey vulnerability gets around this environment integrity check by using an infected system BIOS, which can be flashed even from within Windows (with administrative privileges). This does not mean that the user has to modify and flash the BIOS manually before becoming vulnerable, the malware can do that on the fly once it is running. Theoretically, Secure Boot should validate the integrity of the BIOS, but apparently this can be bypassed, exploiting bugs in the Secure Processor's metadata parsing. Once the BIOS signature is out of the way, you can put pretty much any ARM Cortex A5 compatible code into the modified BIOS, which will then execute inside the ARM-based Secure Processor - undetectable to any antivirus software running on the main CPU, because the antivirus software running on the CPU has no way to scan inside the Secure Processor.

2. "Ryzenfall" is a class of vulnerabilities targeting Secure Processor, which lets a well-designed malware stash its code into the Secure Processor of a running system, to get executed for the remainder of the system's up-time. Again, this attack requires administrative privileges on the host machine, but can be performed in real-time, on the running system, without modifying the firmware. Secure Processor uses system RAM, in addition to its own in-silicon memory on the processor's die. While this part of memory is fenced off from access by the CPU, bugs exist that can punch holes into that protection. Code running on the Secure Processor has complete access to the system; Microsoft Virtualization-based Security (VBS) can be bypassed and additional malware can be placed into system management storage, where it can't be detected by traditional antivirus software. Windows Defender Credentials Guard, a component that stores and authenticates passwords and other secure functions on the machine, can also be bypassed and the malware can spread over the network to other machines, or the firmware can be modified to exploit "Masterkey", which persists through reboots, undetectable.

3. "Fallout": This class of vulnerabilities affects only AMD EPYC servers. It requires admin privileges like the other exploits, and has similar effects. It enables an attacker to gain access to memory regions like Windows Isolated User Mode / Kernel Mode (VTL1) and Secure Management RAM of the CPU (which are not accessible, even with administrative privileges). Risks are the same as "Ryzenfall", the attack vector is just different.

4. "Chimera": This class of vulnerabilities is an exploitation of the motherboard chipset (e.g. X370 also known as Promontory). AMD outsourced design of their Ryzen chipsets to Taiwanese ASMedia, which is a subsidiary of ASUS. You might know the company from the third-party USB 3.0 and legacy PCI chips on many motherboards. The company has been fined for lax security practices in the past, and numerous issues were found in their earlier controller chips. For the AMD chipset, it looks like they just copy-pasted a lot of code and design, including vulnerabilities. The chipset runs its own code that tells it what to do, and here's the problem: Apparently a backdoor has been implemented that gives any attacker knowing the right passcode full access to the chipset, including arbitrary code execution inside the chipset. This code can now use the system's DMA (direct memory access) engine to read/write system memory, which allows malware injection into the OS. To exploit this attack vector, administrative privileges are required. Whether DMA can access the fenced off memory portions of the Secure Processor, to additionally attack the Secure Processor through this vulnerability, is not fully confirmed, however, the researchers verified it works on a small number of desktop boards. Your keyboard, mouse, network controllers, wired or wireless, are all connected to the chipset, which opens up various other attack mechanisms like keyloggers (that send off their logs by directly accessing the network controller without the CPU/OS ever knowing about these packets), or logging all interesting network traffic, even if its destination is another machine on the same Ethernet segment. As far as we know, the tiny 8-pin serial ROM chip is connected to the CPU on AMD Ryzen platform, not to the chipset or LPCIO controller, so infecting the firmware might not be possible with this approach. A second backdoor was found that is implemented in the physical chip design, so it can't be mitigated by a software update, and the researchers hint at the requirement for a recall.

AMD's Vega GPUs use an implementation of the Secure Processor, too, so it is very likely that Vega is affected in a similar way. An attacker could infect the GPU, and then use DMA to access the rest of the system through the attacks mentioned above.

The researchers have set up the website AMDFlaws.com to chronicle these findings, and to publish detailed whitepapers in the near future.

AMD provided us with the following statement: "We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise."

Update March 14 7 AM CET: It seems a lot of readers misunderstand the BIOS flashing part. The requirement is not that the user has to manually flash a different BIOS first before becoming vulnerable. The malware itself will modify/flash the BIOS once it is running on the host system with administrative privileges. Also, the signed driver requirement does not require a driver from any specific vendor. The required driver (which is not for an actual hardware device and just provides low-level hardware access) can be easily created by any hacker. Signing the driver, so Windows accepts it, requires a digital signature which is available from various SSL vendors for a few hundred dollars after a fairly standard verification process (requires a company setup with bank account). Alternatively an already existing signed driver from various hardware utilities could be extracted and used for this purpose. Source: Many Thanks to Earthdog for the tip
Add your own comment

482 Comments on 13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors

#26
lexluthermiester
"xkm1948 said:
Everything of these so called “white papers” seems fishy. Only one source, no independent duplication of their “research “ findings is a pretty serious red flag. I am calling this b*llshit. Seems like some smearing operation. Ryzenfall, so amature and obvious.
While I'm not willing to call BS, I agree that additional and independent testing & verification is required.
Posted on Reply
#27
FordGT90Concept
"I go fast!1!11!1!"
#FakeNews

Intent is in the disclaimer:
The report and all statements contained herein are opinions of CTS and are not statements of fact. To the best of our ability and belief, all information contained herein is accurate and reliable, and has been obtained from public sources we believe to be accurate and reliable. Although we have a good faith belief in our analysis and believe it to be objective and unbiased, you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports.
They likely bought put options on AMD and published this website make a fortune on the sell off of AMD stocks it triggers.

But wait, there's more:
...CTS reserves the right to refrain from updating this website even as it becomes outdated or inaccurate.
Defamation and libel grounds there for AMD to sue on top of potential securities fraud.


Others above have already pointed out all the flaws in their methodology not only to exploit the vulnerabilities but also in how they don't conform to the standard six month window between informing the company and informing the public.
Posted on Reply
#28
xkm1948
Eitherway, TPU probably benefits from the clickbait ~ish title. Who cares if the news is true or not. Dumb average Joe lives on sensationalism. Plus increased traffic and attention benefits both those researchers as well as any tech site that publish these without a serious look into the actual issue. More publicity and sweet sweet ad revenue, yay.

See this:

http://science.sciencemag.org/content/359/6380/1094.full

The difference is the paper on fake news is peer reviewed, not some magical claim certain “researchers “ pull out of their ass
Posted on Reply
#29
lexluthermiester
"FordGT90Concept said:
but also in how they don't conform to the standard six month window between informing the company and informing the public.
There are no legally binding limitations or regulations that require any amount of time between discovery and public disclosure, especially in Israel.
Posted on Reply
#30
HTC
"lexluthermiester said:
While I'm not willing to call BS, I agree that additional and independent testing & verification is required.
Agreed!

Question: i read (skimmed) the whitepaper but i didn't see a mention of Linux or other OSs other then Windows ... doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
Posted on Reply
#31
FordGT90Concept
"I go fast!1!11!1!"
"lexluthermiester said:
There are no legally binding limitations or regulations that require any amount of time between discovery and public disclosure, especially in Israel.
It shows intent. Six month window often doesn't allow the stock market to even respond because it's fixed before the public knows about it. A 24-hour window is intended to spook the market as their disclaimer clearly indicates. As I said, it opens the door to securities fraud investigation. 24-hour is in private, not public, interest.

If this does end up in court, the 24-hour window will work heavily in AMD's favor. Any change in AMD's stock can be pinned on this website damaging AMD.

Six month is an unwritten rule for a reason.
Posted on Reply
#32
IceScreamer
So they notified AMD of the findings and posted the paper 24 hours after, when the usual time frame is, I dunno, more. Also, posting this right before the 2000 series launch. Highly suspicious.
Posted on Reply
#33
windwhirl
Well, if this turns out to be true, it's gonna be a shitstorm for AMD....

Edit: No, it probably won't.
Posted on Reply
#34
lexluthermiester
"HTC said:
Question: i read (skimmed) the whitepaper but i didn't see a mention of Linux or other OSs other then Windows ... doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
My take is that most, if not all, of those problems are OS-agnostic. If all of this pans out and is verified, AMD is going to have as bad a time as Intel did with Meltdown.
"FordGT90Concept said:
Six month is an unwritten rule for a reason.
Rule, not law.
Posted on Reply
#35
dj-electric
<div class="youtube-embed" data-id="Ag1o3koTLWM"><img src="https://i.ytimg.com/vi/Ag1o3koTLWM/hqdefault.jpg" /><div class="youtube-play"></div><a href="https://www.youtube.com/watch?v=Ag1o3koTLWM" target="_blank" class="youtube-title"></a></div>
Posted on Reply
#36
W1zzard
Reworked most of the article and added AMD's statement
Posted on Reply
#37
Sam32
All four vulnerabilities require administrative access. This this NOTHING like Spectre/Meltdown...
Posted on Reply
#38
Imsochobo
skeptical as remote attacks seems hardly possible.
Method of doing this release.

if true;
what they're mentioning seems to be what intel ME has going for it, we don't like it and we still have 50 000 unpatched computers at work from Intel, that security issue isn't really talked about cause it required physical access.

Give a hacker physical access to something and some time and nothing stands in their way.
Spectre and Meltdown is fundamentally different as it allows remote attacks.

I am in no way protecting the PSP, I don't like stuff like it but I'm pretty much saying it's like intel ME.
Posted on Reply
#40
xorbe
"Joss said:
This "security company" is based in Israel where Intel has it's most important design centre and one of the largest manufacturing facilities.
This. Also, why does everyone need dedicated logos and websites for bug reports these days. It's a PR smear campaign (if the website name didn't tip you off). First and fourth are flashing the board bios, and the second and third require OS root access. These are absolutely not on the level of Meltdown or Spectre.
Posted on Reply
#41
W1zzard
Added info that Vega is probably affected, too
Posted on Reply
#42
R-T-B
"_JP_ said:
All flaws require administrative rights in order to accomplish anything (one requires flashing firmware)
When it can survive a reinstall it's still a big issue. If these flaws are confirmed they are fairly signifigant.

As I said earlier, 2018 is going to be a rough year for processor security...
Posted on Reply
#43
839millionman
The timing on this is interesting. There's a ton of movement right now around AMD's stock.

The 24 hour notice is really fishy. I would take this with salt, especially since its from a website called amdflaws.com and has titles like "Ryzenfall".
Posted on Reply
#44
W1zzard
"HTC said:
Question: i read (skimmed) the whitepaper but i didn't see a mention of Linux or other OSs other then Windows ... doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
I see no technical reason why any other OS won't be affected. As long as that OS provides a mechanism to access hardware
Posted on Reply
#45
xorbe
https://amdflaws.com/disclaimer.html

"you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports"

edit: oops sorry, this was already posted above by FordGT90Concept
Posted on Reply
#46
Sempron Guy
they published it on a site called amdflaws.com who they most likely authored as well. Anyone still falls for this kind of stuff in 2018?
Posted on Reply
#48
xkm1948
"Sempron Guy said:
they published it on a site called amdflaws.com who they most likely authored as well. Anyone still falls for this kind of stuff in 2018?
Like 99% of the population?
Posted on Reply
#49
the54thvoid
I'm with @FordGT90Concept on this. This isn't about security, this is about hurting AMD.

That seems pretty obvious from the disclosure he quoted.
Posted on Reply
Add your own comment