Tuesday, March 19th 2019

AMD CPUs Immune to SPOILER Vulnerability: Company Statement

SPOILER, short for Speculative Load Hazards Boost Rowhammer and Cache Attacks (not sure how that abbreviates), is the latest in the long line of security vulnerabilities preying on imperfections in speculative-execution capabilities of modern processors, which surfaced early March, and affects all Intel processors. The vulnerability exploits the speculative nature of loading data from main memory to a CPU register. Intel has yet to assign a CVE to SPOILER, and hasn't yet released its own documentation on possible mitigation.

Meanwhile, rival AMD put out a statement that its processors are inherently immune to SPOILER due to a fundamentally different memory management design. "We are aware of the report of a new security exploit called SPOILER which can gain access to partial address information during load operations. We believe that our products are not susceptible to this issue because of our unique processor architecture. The SPOILER exploit can gain access to partial address information above address bit 11 during load operations. We believe that our products are not susceptible to this issue because AMD processors do not use partial address matches above address bit 11 when resolving load conflicts," the company writes in its statement.
Source: AMD
Add your own comment

6 Comments on AMD CPUs Immune to SPOILER Vulnerability: Company Statement

#2
john_
More proofs that AMD CPUs offer LESS features compared to Intel's CPUs.
More proofs that AMD CPUs are incompatible with a number of applications, like malwares in this certain case.

:p
Posted on Reply
#3
TheGuruStud
john_, post: 4015240, member: 137560"
More proofs that AMD CPUs offer LESS features compared to Intel's CPUs.
More proofs that AMD CPUs are incompatible with a number of applications, like malwares in this certain case.

:p
I hope this is the death knell for the bastards. Let it kill performance to fix (disable HT right?). I want to see that stock tank and every OEM jump ship on server to Rome.
Posted on Reply
#4
efikkan
Let's hope their PR department consulted their security team this time around…

john_, post: 4015240, member: 137560"
More proofs that AMD CPUs are incompatible with a number of applications, like malwares in this certain case.
We are talking about hardware defects and timing attacks here, it has nothing to do with software compatibility.

TheGuruStud, post: 4015459, member: 42692"
I hope this is the death knell for the bastards. Let it kill performance to fix (disable HT right?).
HT itself is not a problem, but it does complicate things. It's a matter of time before they have to drop HT, as the complications continue to grow while the gains of HT continues to decline. Unfortunately I fear Intel (and AMD) will continue to design for HT for a couple of iterations more.
Posted on Reply
#5
yakk
Good on AMD for stating the "why" instead of just saying "trust us" as another company says (oh and not cutting corners...)

"We believe that our products are not susceptible to this issue because AMD processors do not use partial address matches above address bit 11 when resolving load conflicts,"
Posted on Reply
#6
BorgOvermind
...told you they don't cheat on processing addressing.
Posted on Reply