• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors

Joined
May 12, 2017
Messages
671 (0.68/day)
That doesn't always happen as it is triggered by a flag in the update process. If that flag is not set, the settings are not reset to defaults.


Holy crap! You'd think something like that would be locked down..
I will be looking at PDF documentation W/P pin of a BIOS chip to see if I can do anything in hardware, locking my BIOS chip in either software or hardware.
 
Joined
Dec 31, 2009
Messages
16,393 (4.45/day)
CVEs should be released about them in the coming days. Additional 3rd party validation (we have one sketchy source and one that for now seems legit) we should see perhaps Friday or Monday as they have said it took 3rd party 4-5 days to validate their findings.
 
Joined
May 1, 2010
Messages
44 (0.01/day)
System Name Dricast
Processor Intel Core i7 2600k
Motherboard Gigabyte GA-Z77X-UD3H
Cooling Corsair A70
Memory 12GB Mushkin DDR3
Video Card(s) 2x EVGA Geforce GTX460@GTX560 Clocks in SLI
Storage SanDisk 120GB SSD, Hitatchi 1TB, Hitatchi 2TB
Display(s) Dell 24"
Case Antec 902
Audio Device(s) Onboard
Power Supply Corsair 750TX
Software Windows 7 Ultimate
You all understand this is likely fake and possible stock manipulation? CTS Labs themselves state they may have a financial interest in these results.
 

bug

Joined
May 22, 2015
Messages
6,941 (4.05/day)
Processor Intel i5-6600k (AMD Ryzen5 3600 in a box, waiting for a mobo)
Motherboard ASRock Z170 Extreme7+
Cooling Arctic Cooling Freezer i11
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V (@3200)
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 3TB Seagate
Display(s) HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
You all understand this is likely fake and possible stock manipulation? CTS Labs themselves state they may have a financial interest in these results.
If the news was about a possible vulnerability at VISA what would you do till VISA either confirms or denies it? Would you say "hey, this is likely fake, trying to make VISA look bad" or would you keep an eye on your transactions, just in case?
In any case, at this point I'd say this is likely not fake since, as poorly as this has been handled, CTS Labs say they have proof of concept attacks and they've submitted them for review.
 

bug

Joined
May 22, 2015
Messages
6,941 (4.05/day)
Processor Intel i5-6600k (AMD Ryzen5 3600 in a box, waiting for a mobo)
Motherboard ASRock Z170 Extreme7+
Cooling Arctic Cooling Freezer i11
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V (@3200)
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 3TB Seagate
Display(s) HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Would be good to have a Poll on this... or did I miss that?
Poll on what? Do we now decide whether a CVE is warranted by taking polls on TPU?
 
Joined
Apr 19, 2011
Messages
2,143 (0.67/day)
Location
So. Cal.
Oh IDK... like is this a proper business practice from a company that intends to be about "protecting the world from vulnerabilities".

I just say if they creditably want to protect me/you they would offer any company a judicious amount of time to both confirm and reply to such accusation. And, I'm not saying 90 days, more like 7 full working days, before making it public, and then provide the opportunity to interact in a relationship that plugs the holes, all while perhaps consigns that company some form of reimbursement for their work in helping.

This remind me of the one thing that nationality fears more than anything... being labeled a "Freier". In this case they appear to be..., or they tried to ransom AMD and the response was we are not working with extortionists.

In this way they did a bunch of work and aren't recouping anything, at least that we're privy too!
 
Last edited:
Joined
Jun 3, 2010
Messages
532 (0.15/day)
Poll on what? Do we now decide whether a CVE is warranted by taking polls on TPU?
We had one before, but there wasn't any naming names. This one, however, should be more conspicuous about the offender of the obvious fandom.
 

bug

Joined
May 22, 2015
Messages
6,941 (4.05/day)
Processor Intel i5-6600k (AMD Ryzen5 3600 in a box, waiting for a mobo)
Motherboard ASRock Z170 Extreme7+
Cooling Arctic Cooling Freezer i11
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V (@3200)
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 3TB Seagate
Display(s) HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Oh IDK... like is this a proper business practice from a company that intends to be about "protecting the world from vulnerabilities".

I just say if they creditably want to protect me/you they would offer any company a judicious amount of time to both confirm and reply to such accusation. And, I'm not saying 90 days, more like 7 full working days, before making it public, and then provide the opportunity to interact in a relationship that plugs the holes, all while perhaps consigns that company some form of reimbursement for their work in helping.

This remind me of the one thing that nationality fears more than anything... being labeled a "Freier". In this case they appear to be..., or they tried to ransom AMD and the response was we are not working with extortionists.

In this way they did a bunch of work and aren't recouping anything, at least that we're privy too!
Ah, so of all this thread your beef is with the whistleblower. I get it now.
 
Joined
Mar 18, 2015
Messages
2,315 (1.30/day)
Location
Long Island
Im still waiting to see a "aww... look at what happened to this guy" story from any of these "major defects"
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
25,694 (6.23/day)
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) Sapphire Radeon RX 5500 XT Pulse 8 GiB
Storage Crucial MX300 275 GB, Seagate Exos X12 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 VGA)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
I just wanted to say that I'm glad TechPowerUp is doing editorial updates to an article. I'd like to see improvements in terms of making it clear what changed in each update though. It looks like, in its present state, only one update is clearly marked at the bottom.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
19,985 (3.48/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
I just wanted to say that I'm glad TechPowerUp is doing editorial updates to an article. I'd like to see improvements in terms of making it clear what changed in each update though. It looks like, in its present state, only one update is clearly marked at the bottom.
Just added two links to follow up stories and bumped the update number.
 

bug

Joined
May 22, 2015
Messages
6,941 (4.05/day)
Processor Intel i5-6600k (AMD Ryzen5 3600 in a box, waiting for a mobo)
Motherboard ASRock Z170 Extreme7+
Cooling Arctic Cooling Freezer i11
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V (@3200)
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 3TB Seagate
Display(s) HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Im still waiting to see a "aww... look at what happened to this guy" story from any of these "major defects"
Same thing that happened because of Spectre and Meltdown, I guess.

Seriously speaking though these aren't about what happens to this or that guy. These are more about ways to breach into servers and other stuff that has a good chance of going unnoticed. Think someone managing to escape their VM on a rented server and reading others' data.
These aren't the kind of vulnerabilities your next door script kiddie will abuse at will.

@W1zzard If you would properly prefix each update with "Update 1", "Update 2" and so on, that would be dreamy.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
19,985 (3.48/day)
Processor Core i7-4790K
Memory 16 GB
Video Card(s) GTX 1080
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 7
If you would properly prefix each update with "Update 1", "Update 2" and so on, that would be dreamy.
The first updates were in-text changes and in short succession, so difficult to prefix those. Will try to handle this better in the future.
 
Low quality post by i7Baby
Joined
May 4, 2016
Messages
81 (0.06/day)
Location
Melbourne
System Name Edit King
Processor i7 3930k
Motherboard ASRock X79 Extreme 6
Cooling Corsair H110i GT
Memory 4 x 4GB GSkill 2133
Video Card(s) R9 Nano x 2
Storage Seagate Barracuda 2TB
Display(s) LG 34UM88
Power Supply EVGA G2 750
Mouse Gigabyte M6580
Keyboard Azio
Gamers Nexus showed this to be a lot of BS. A paid by Intel article?
 
Joined
May 6, 2012
Messages
184 (0.07/day)
Location
Estonia
System Name Steamy
Processor Ryzen 7 2700X
Motherboard Asrock AB350M-Pro4
Cooling Wraith Prism
Memory 2x8GB HX429C15PB3AK2/16
Video Card(s) R9 290X WC
Storage 960Evo 500GB nvme
Case Fractal Design Define Mini C
Power Supply Seasonic SS-660XP2
Software Windows 10 Pro
Benchmark Scores http://hwbot.org/user/kinski/ http://valid.x86.fr/qfxqhj https://goo.gl/uWkw7n
Last edited:

bug

Joined
May 22, 2015
Messages
6,941 (4.05/day)
Processor Intel i5-6600k (AMD Ryzen5 3600 in a box, waiting for a mobo)
Motherboard ASRock Z170 Extreme7+
Cooling Arctic Cooling Freezer i11
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V (@3200)
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 3TB Seagate
Display(s) HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Last edited:

HTC

Joined
Apr 1, 2008
Messages
3,805 (0.88/day)
Location
Portugal
System Name HTC's System
Processor Ryzen 5 2600X
Motherboard Asrock Taichi X370
Cooling NH-C14, with the AM4 mounting kit
Memory G.Skill Kit 16GB DDR4 F4 - 3200 C16D - 16 GTZB
Video Card(s) Sapphire Nitro+ Radeon RX 480 OC 4 GB
Storage 1 Samsung NVMe 960 EVO 250 GB + 1 3.5" Seagate IronWolf Pro 6TB 7200RPM 256MB SATA III
Display(s) LG 27UD58
Case Fractal Design Define R6 USB-C
Audio Device(s) Onboard
Power Supply Corsair TX 850M 80+ Gold
Mouse Razer Deathadder Elite
Software Ubuntu 19.04 LTS
According to AT call with CTS labs the exploits also require bare metal install of the OS (and OS has to be Windows?).

https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs
Then it turns out i was more on point then i thought:

Agreed!

Question: i read (skimmed) the whitepaper but i didn't see a mention of Linux or other OSs other then Windows ... doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
I'll ask again: doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
25,694 (6.23/day)
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) Sapphire Radeon RX 5500 XT Pulse 8 GiB
Storage Crucial MX300 275 GB, Seagate Exos X12 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 VGA)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
The first updates were in-text changes and in short succession, so difficult to prefix those. Will try to handle this better in the future.
Could underline changes and subscript the update number at the end of each one.
 
Top