• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors

Joined
May 12, 2017
Messages
2,178 (0.87/day)
That doesn't always happen as it is triggered by a flag in the update process. If that flag is not set, the settings are not reset to defaults.


Holy crap! You'd think something like that would be locked down..

I will be looking at PDF documentation W/P pin of a BIOS chip to see if I can do anything in hardware, locking my BIOS chip in either software or hardware.
 
Joined
Dec 31, 2009
Messages
19,366 (3.72/day)
Benchmark Scores Faster than yours... I'd bet on it. :)
CVEs should be released about them in the coming days. Additional 3rd party validation (we have one sketchy source and one that for now seems legit) we should see perhaps Friday or Monday as they have said it took 3rd party 4-5 days to validate their findings.
 
Joined
May 1, 2010
Messages
44 (0.01/day)
System Name Dricast
Processor Intel Core i7 2600k
Motherboard Gigabyte GA-Z77X-UD3H
Cooling Corsair A70
Memory 12GB Mushkin DDR3
Video Card(s) 2x EVGA Geforce GTX460@GTX560 Clocks in SLI
Storage SanDisk 120GB SSD, Hitatchi 1TB, Hitatchi 2TB
Display(s) Dell 24"
Case Antec 902
Audio Device(s) Onboard
Power Supply Corsair 750TX
Software Windows 7 Ultimate
You all understand this is likely fake and possible stock manipulation? CTS Labs themselves state they may have a financial interest in these results.
 

bug

Joined
May 22, 2015
Messages
13,157 (4.07/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
You all understand this is likely fake and possible stock manipulation? CTS Labs themselves state they may have a financial interest in these results.
If the news was about a possible vulnerability at VISA what would you do till VISA either confirms or denies it? Would you say "hey, this is likely fake, trying to make VISA look bad" or would you keep an eye on your transactions, just in case?
In any case, at this point I'd say this is likely not fake since, as poorly as this has been handled, CTS Labs say they have proof of concept attacks and they've submitted them for review.
 

bug

Joined
May 22, 2015
Messages
13,157 (4.07/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Would be good to have a Poll on this... or did I miss that?
Poll on what? Do we now decide whether a CVE is warranted by taking polls on TPU?
 
Joined
Apr 19, 2011
Messages
2,198 (0.46/day)
Location
So. Cal.
Oh IDK... like is this a proper business practice from a company that intends to be about "protecting the world from vulnerabilities".

I just say if they creditably want to protect me/you they would offer any company a judicious amount of time to both confirm and reply to such accusation. And, I'm not saying 90 days, more like 7 full working days, before making it public, and then provide the opportunity to interact in a relationship that plugs the holes, all while perhaps consigns that company some form of reimbursement for their work in helping.

This remind me of the one thing that nationality fears more than anything... being labeled a "Freier". In this case they appear to be..., or they tried to ransom AMD and the response was we are not working with extortionists.

In this way they did a bunch of work and aren't recouping anything, at least that we're privy too!
 
Last edited:
Joined
Jun 3, 2010
Messages
2,540 (0.50/day)
Poll on what? Do we now decide whether a CVE is warranted by taking polls on TPU?
We had one before, but there wasn't any naming names. This one, however, should be more conspicuous about the offender of the obvious fandom.
 

bug

Joined
May 22, 2015
Messages
13,157 (4.07/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Oh IDK... like is this a proper business practice from a company that intends to be about "protecting the world from vulnerabilities".

I just say if they creditably want to protect me/you they would offer any company a judicious amount of time to both confirm and reply to such accusation. And, I'm not saying 90 days, more like 7 full working days, before making it public, and then provide the opportunity to interact in a relationship that plugs the holes, all while perhaps consigns that company some form of reimbursement for their work in helping.

This remind me of the one thing that nationality fears more than anything... being labeled a "Freier". In this case they appear to be..., or they tried to ransom AMD and the response was we are not working with extortionists.

In this way they did a bunch of work and aren't recouping anything, at least that we're privy too!
Ah, so of all this thread your beef is with the whistleblower. I get it now.
 
Joined
Mar 18, 2015
Messages
2,960 (0.90/day)
Location
Long Island
Im still waiting to see a "aww... look at what happened to this guy" story from any of these "major defects"
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
I just wanted to say that I'm glad TechPowerUp is doing editorial updates to an article. I'd like to see improvements in terms of making it clear what changed in each update though. It looks like, in its present state, only one update is clearly marked at the bottom.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,956 (3.71/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
I just wanted to say that I'm glad TechPowerUp is doing editorial updates to an article. I'd like to see improvements in terms of making it clear what changed in each update though. It looks like, in its present state, only one update is clearly marked at the bottom.
Just added two links to follow up stories and bumped the update number.
 

bug

Joined
May 22, 2015
Messages
13,157 (4.07/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Im still waiting to see a "aww... look at what happened to this guy" story from any of these "major defects"
Same thing that happened because of Spectre and Meltdown, I guess.

Seriously speaking though these aren't about what happens to this or that guy. These are more about ways to breach into servers and other stuff that has a good chance of going unnoticed. Think someone managing to escape their VM on a rented server and reading others' data.
These aren't the kind of vulnerabilities your next door script kiddie will abuse at will.

@W1zzard If you would properly prefix each update with "Update 1", "Update 2" and so on, that would be dreamy.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
26,956 (3.71/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
If you would properly prefix each update with "Update 1", "Update 2" and so on, that would be dreamy.
The first updates were in-text changes and in short succession, so difficult to prefix those. Will try to handle this better in the future.
 
Low quality post by i7Baby
Joined
May 4, 2016
Messages
82 (0.03/day)
Location
Melbourne
System Name Edit King
Processor i7 3930k
Motherboard ASRock X79 Extreme 6
Cooling Corsair H110i GT
Memory 4 x 4GB GSkill 2133
Video Card(s) R9 Nano x 2
Storage Seagate Barracuda 2TB
Display(s) LG 34UM88
Power Supply EVGA G2 750
Mouse Gigabyte M6580
Keyboard Azio
Gamers Nexus showed this to be a lot of BS. A paid by Intel article?
 
Joined
May 6, 2012
Messages
184 (0.04/day)
Location
Estonia
System Name Steamy
Processor Ryzen 7 2700X
Motherboard Asrock AB350M-Pro4
Cooling Wraith Prism
Memory 2x8GB HX429C15PB3AK2/16
Video Card(s) R9 290X WC
Storage 960Evo 500GB nvme
Case Fractal Design Define Mini C
Power Supply Seasonic SS-660XP2
Software Windows 10 Pro
Benchmark Scores http://hwbot.org/user/kinski/ http://valid.x86.fr/qfxqhj https://goo.gl/uWkw7n
Last edited:

bug

Joined
May 22, 2015
Messages
13,157 (4.07/day)
Processor Intel i5-12600k
Motherboard Asus H670 TUF
Cooling Arctic Freezer 34
Memory 2x16GB DDR4 3600 G.Skill Ripjaws V
Video Card(s) EVGA GTX 1060 SC
Storage 500GB Samsung 970 EVO, 500GB Samsung 850 EVO, 1TB Crucial MX300 and 2TB Crucial MX500
Display(s) Dell U3219Q + HP ZR24w
Case Raijintek Thetis
Audio Device(s) Audioquest Dragonfly Red :D
Power Supply Seasonic 620W M12
Mouse Logitech G502 Proteus Core
Keyboard G.Skill KM780R
Software Arch Linux + Win10
Last edited:

HTC

Joined
Apr 1, 2008
Messages
4,601 (0.79/day)
Location
Portugal
System Name HTC's System
Processor Ryzen 5 2600X
Motherboard Asrock Taichi X370
Cooling NH-C14, with the AM4 mounting kit
Memory G.Skill Kit 16GB DDR4 F4 - 3200 C16D - 16 GTZB
Video Card(s) Sapphire Nitro+ Radeon RX 480 OC 4 GB
Storage 1 Samsung NVMe 960 EVO 250 GB + 1 3.5" Seagate IronWolf Pro 6TB 7200RPM 256MB SATA III
Display(s) LG 27UD58
Case Fractal Design Define R6 USB-C
Audio Device(s) Onboard
Power Supply Corsair TX 850M 80+ Gold
Mouse Razer Deathadder Elite
Software Ubuntu 19.04 LTS
According to AT call with CTS labs the exploits also require bare metal install of the OS (and OS has to be Windows?).

https://www.anandtech.com/show/12536/our-interesting-call-with-cts-labs

Then it turns out i was more on point then i thought:

Agreed!

Question: i read (skimmed) the whitepaper but i didn't see a mention of Linux or other OSs other then Windows ... doesn't that mean it's Windows vulnerabilites when using Zen based hardware?

I'll ask again: doesn't that mean it's Windows vulnerabilites when using Zen based hardware?
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.65/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
The first updates were in-text changes and in short succession, so difficult to prefix those. Will try to handle this better in the future.
Could underline changes and subscript the update number at the end of each one.
 
Top