• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Meltdown-like Vulnerability Affects AMD Zen+ and Zen2 Processors

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
42,111 (8.14/day)
Location
Hyderabad, India
Processor AMD Ryzen 7 2700X
Motherboard ASUS ROG Strix B450-E Gaming
Cooling AMD Wraith Prism
Memory 2x 16GB Corsair Vengeance LPX DDR4-3000
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) Creative Sound Blaster Recon3D PCIe
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Microsoft Sidewinder X4
Software Windows 10 Pro
Cybersecurity researchers Saidgani Musaev and Christof Fetzer with the Dresden Technology University discovered a novel method of forcing illegal data-flow between microarchitectural elements on AMD processors based on the "Zen+" and "Zen 2" microarchitectures, titled "Transient Execution of Non-canonical Accesses." The method was discovered in October 2020, but the researchers followed responsible-disclosure norms, giving AMD time to address the vulnerability and develop a mitigation. The vulnerability is chronicled under CVE-2020-12965 and AMD Security Bulletin ID "AMD-SB-1010."

The one-line summary of this vulnerability from AMD reads: "When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits, potentially resulting in data leakage." The researchers studied this vulnerability on three processors, namely the EPYC 7262 based on "Zen 2," and Ryzen 7 2700X and Ryzen Threadripper 2990WX, based on "Zen+." They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw." AMD is the subject of the paper as AMD "Zen+" (and later) processors are immune to MDS as demonstrated on Intel processors. AMD developed a mitigation for the vulnerability, which includes ways of patching vulnerable software.

Find the security research paper here (PDF), and the AMD security bulletin here. AMD's mitigation blueprint can be accessed here.



View at TechPowerUp Main Site
 
Joined
Oct 16, 2014
Messages
667 (0.26/day)
System Name Work in progress
Processor AMD Ryzen 5 3600
Motherboard Asus PRIME B350M-A
Cooling Wraith Stealth Cooler, 4x140mm Noctua NF-A14 FLX 1200RPM Case Fans
Memory Corsair 16GB (2x8GB) CMK16GX4M2A2400C14R DDR4 2400MHz Vengeance LPX DIMM
Video Card(s) GTX 1050 2GB (for now) 3060 12GB on order
Storage Samsung 860 EVO 500GB, Lots of HDD storage
Display(s) 32 inch 4K LG, 55 & 48 inch LG OLED, 40 inch Panasonic LED LCD
Case Cooler Master Silencio S400
Audio Device(s) Sound: LG Monitor Built-in speakers (currently), Mike: Marantz MaZ
Power Supply Corsair CS550M 550W ATX Power Supply, 80+ Gold Certified, Semi-Modular Design
Mouse Logitech M280
Keyboard Logitech Wireless Solar Keyboard K750R (works best in summer)
VR HMD none
Software Microsoft Windows 10 Home 64bit OEM, Captur 1 21
Benchmark Scores Cinebench R20: 3508 (WIP)
They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw."
Crickets chirping ..................... Usual negative comments from Intel enthusiasts strangely lacking? :D

BTW my signature block was in no way influenced by the Ryzen logo above. I have been interested in black holes and neutron stars for about 50 years. I got a major site, much bigger than TPU, to stop referring to the EHT image as a photograph (others helped). Andy may have a different opinion.
 
Last edited:
Joined
Feb 3, 2017
Messages
3,223 (1.82/day)
Processor R5 5600X
Motherboard ASUS ROG STRIX B550-I GAMING
Cooling Alpenföhn Black Ridge
Memory 2*16GB DDR4-2666 VLP @3800
Video Card(s) Geforce RTX 3070 FE
Storage 1TB Samsung 970 Pro, 2TB Intel 660p
Display(s) ASUS PG279Q, Eizo EV2736W
Case Dan Cases A4-SFX
Power Supply Corsair SF600
Mouse Corsair Ironclaw Wireless RGB
Keyboard Corsair K60
VR HMD HTC Vive
They mention that all Intel processors that are vulnerable to MDS attacks "inherently have the same flaw."
Who, where? Sounds like they simply mean MDS vulnerabilities.
The only place research paper mentions Intel at all is this part in the introduction:
While Spectre-type attack targets wide families of CPUs from different vendors, Meltdown-type attacks were targeting mostly Intel CPUs.
The predominant focus of previous research on Intel may mean that other vendors’ CPUs were not investigated as thoroughly and may still have undiscovered microarchitectural vulnerabilities.

Edit:
I was wrong about Intel not being mentioned. The search does not work properly in the PDF. Found the source of that sentence:
Page 4 said:
All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here. We tested one MDS-resistant Intel(R) Core(TM) i7-10510U, and we did not detect such a flaw.
 
Last edited:
Joined
Jul 21, 2016
Messages
100 (0.05/day)
Processor AMD Ryzen 5 3600X
Motherboard MSI B450 Tomahawk
Cooling Alpenföhn Brocken 3 140mm
Memory Patriot Viper 4 - DDR4 3400 MHz 2x8 GB
Video Card(s) Radeon RX460 2 GB
Storage Samsung 860 500 GB, Samsung 830 128 GB, 2x Western Digital RED 4 TB
Display(s) Dell UltraSharp U2312HM
Case be quiet! Pure Base 500 + Noiseblocker NB-eLoop B12 + 2x ARCTIC P14
Audio Device(s) Creative Sound Blaster ZxR, X-Fi Titanium HD
Power Supply Seasonic Focus GX-650
Mouse Asus M5
Keyboard Lenovo USB
In this case what do endusers need to do to be protected?

For example, i have an MSI B450 Tomahawk (latest stable bios is from last july based on AGESA ComboAm4PI 1.0.0.6) with a Ryzen 3600x, with the latest chipset driver and win10 is kept up-to-date.
 
Joined
Apr 26, 2009
Messages
505 (0.11/day)
Location
You are here.
System Name Prometheus
Processor AMD Ryzen 9 5950x
Motherboard ASUS ROG Strix B550-I Gaming
Cooling EKWB EK-240 AIO D-RGB
Memory G.Skill Trident Z Neo 32GB
Video Card(s) ASUS Dual Radeon RX 5600 XT EVO
Storage WD Black SN850 1TB Gen4 x4 + 2 x Intel X25-M 160GB SATA
Display(s) DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case Jonsbo A4 ver1.1 SFF
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Logitech G305 White Lightspeed
Keyboard Vortex Race 3 75% MX Brown
Software Windows 10 Pro x64
And as usual, AMD sweeps things under the rug, shifting the responsibility to the software developers:

Mitigation​

AMD recommends that SW vendors analyze their code for any potential vulnerabilities related to this type of transient execution. Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques.
 
Joined
Aug 20, 2007
Messages
16,560 (3.17/day)
System Name Pioneer
Processor Ryzen R9 5950X
Motherboard GIGABYTE Aorus Elite X570
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ 32GB (4 x 8GB) @ DDR4-3600 (Samsung B-Die)
Video Card(s) EVGA GeForce RTX 3070 FTW3
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->LG B9 OLED/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K712 Headphones
Power Supply EVGA SuperNova T2 Titanium 850W
Mouse Razer Deathadder v2
Keyboard 1991 IBM Model M (Second Generation White Label Part #1391401)
Software Windows 11 Enterprise (yes, it's legit)
And as usual, AMD sweeps things under the rug, shifting the responsibility to the software developers:
They haven't issued correcting microcode as well?

AFAIK this is also Intels advice, but they couple it with mitigating microcode.
 

user556

New Member
Joined
Feb 11, 2020
Messages
17 (0.03/day)
Going by the title, both Zen1 and Zen3 don't have the vulnerability. That would make it a regression that's already been corrected.
 
Joined
Apr 26, 2009
Messages
505 (0.11/day)
Location
You are here.
System Name Prometheus
Processor AMD Ryzen 9 5950x
Motherboard ASUS ROG Strix B550-I Gaming
Cooling EKWB EK-240 AIO D-RGB
Memory G.Skill Trident Z Neo 32GB
Video Card(s) ASUS Dual Radeon RX 5600 XT EVO
Storage WD Black SN850 1TB Gen4 x4 + 2 x Intel X25-M 160GB SATA
Display(s) DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case Jonsbo A4 ver1.1 SFF
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Logitech G305 White Lightspeed
Keyboard Vortex Race 3 75% MX Brown
Software Windows 10 Pro x64
They haven't issued correcting microcode as well?

No, and it won't ever be addressed, other than that 8-page PDF showing a few assembler code snippets that software developers should look out for.

Consider some small piece of code written in a high level language, let's say the Fibonacci sequence, that's going to be about 8 lines of code. In assembler that's going to translate to at least 40 lines of code. Now apply some scale economics and think of a 1 to 5 million line project. That's not a small project, but it's not necessarily a huge one either. For example, an old version of Photoshop, CS6, has about 4.5 million lines of code. In assembler, that would be at least 25 million lines of code. And this is probably undercutting it by a fair amount.

AMD says good luck with that.
 
Joined
Jul 5, 2013
Messages
16,625 (5.40/day)
Location
USA
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Software Android 4.4.4R5 Custom
After having read the data sheet pdf, it seems clear to me this is a minor vulnerability which is why AMD classified it as "Medium" severity. The reason is detailed in the pdf. The vulnerability is present, but difficult to use for data capture, requires a perfect storm of conditions(including attacker physical presence, remote attacks are extremely unlikely) and even if successful will yield only that data which is present in the CPU L2/L3 at the time of execution. This is almost nothing-sauce.

AFAIK this is also Intels advice, but they couple it with mitigating microcode.
Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques as described in [2].
No microcode updates are needed as existing mitigations are easily adapted to resolve the problem.
 
Last edited:

Rus4kova

New Member
Joined
Jun 12, 2020
Messages
8 (0.01/day)
It's funny ... whenever a new Intel release is approaching we get all these ... AMD is bad AMD is insecure AMD is trash Intel wrecks AMD in 1 test and so on.
I wonder where it's all coming from? and why reporters are eating it raw.
 
Joined
Apr 26, 2009
Messages
505 (0.11/day)
Location
You are here.
System Name Prometheus
Processor AMD Ryzen 9 5950x
Motherboard ASUS ROG Strix B550-I Gaming
Cooling EKWB EK-240 AIO D-RGB
Memory G.Skill Trident Z Neo 32GB
Video Card(s) ASUS Dual Radeon RX 5600 XT EVO
Storage WD Black SN850 1TB Gen4 x4 + 2 x Intel X25-M 160GB SATA
Display(s) DELL U4320Q 4K + Wacom Cintiq Pro 16 4K
Case Jonsbo A4 ver1.1 SFF
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Corsair SF750 Platinum SFX
Mouse Logitech G305 White Lightspeed
Keyboard Vortex Race 3 75% MX Brown
Software Windows 10 Pro x64
AMD publicly disclosed the vulnerability this month. It has nothing to do with Intel's new releases calendar.
 
Joined
Feb 21, 2006
Messages
1,295 (0.22/day)
Location
Toronto, Ontario
System Name The Expanse
Processor AMD Ryzen 7 5800X
Motherboard Asus Prime X570-Pro BIOS 4021 AM4 AGESA V2 PI 1.2.0.3 Patch C
Cooling Corsair H150i Pro
Memory 32GB Gskill Trident RGB DDR4-3200 14-14-14-34-1T
Video Card(s) AMD Radeon RX 6800 XT 16GB
Storage Corsair MP600 1TB PCIe 4 / Samsung 860Evo 1TB x2 Raid 0 / Asus NAS AS1004T V2 14TB
Display(s) LG 34GP83A-B 34 Inch 21: 9 UltraGear Curved QHD (3440 x 1440) 1ms Nano IPS 160Hz
Case Fractal Design Meshify S2
Audio Device(s) Creative X-Fi + Logitech Z-5500
Power Supply Corsair AX850 Titanium
Mouse Corsair Dark Core RGB
Keyboard Logitech G810
Software Windows 10 Pro x64 21H2
Benchmark Scores 3800X https://valid.x86.fr/1zr4a5 5800X https://valid.x86.fr/2dey9c
Glad i'm on Zen 3 and ya that title certainly needs work.
 
Joined
Jun 3, 2010
Messages
2,540 (0.60/day)
It's funny ... whenever a new Intel release is approaching we get all these ... AMD is bad AMD is insecure AMD is trash Intel wrecks AMD in 1 test and so on.
I wonder where it's all coming from? and why reporters are eating it raw.
That is what they have got to do, if they step out of line it is over for them. Decency is the last thing reported.
 
Joined
Jul 9, 2015
Messages
3,016 (1.29/day)
System Name My all round PC
Processor i5 750
Motherboard ASUS P7P55D-E
Memory 8GB
Video Card(s) Sapphire 380 OC... sold, waiting for Navi
Storage 256GB Samsung SSD + 2Tb + 1.5Tb
Display(s) Samsung 40" A650 TV
Case Thermaltake Chaser mk-I Tower
Power Supply 425w Enermax MODU 82+
Software Windows 10
"Meltdown like" as in "kinda vulnerability, but not even remotely as bad as Meltdown".

That's some advanced usage of the word "like"... :D

It has nothing to do with Intel's new releases calendar.
AMD release does not.
Misleading article title, on the other hand... :peace:
 
Joined
Jul 5, 2013
Messages
16,625 (5.40/day)
Location
USA
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Software Android 4.4.4R5 Custom
Misleading article title, on the other hand...
I disagree, the title of the article is a fair assessment of the situation, just not the severity.
 
Joined
Aug 20, 2007
Messages
16,560 (3.17/day)
System Name Pioneer
Processor Ryzen R9 5950X
Motherboard GIGABYTE Aorus Elite X570
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ 32GB (4 x 8GB) @ DDR4-3600 (Samsung B-Die)
Video Card(s) EVGA GeForce RTX 3070 FTW3
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->LG B9 OLED/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K712 Headphones
Power Supply EVGA SuperNova T2 Titanium 850W
Mouse Razer Deathadder v2
Keyboard 1991 IBM Model M (Second Generation White Label Part #1391401)
Software Windows 11 Enterprise (yes, it's legit)
No microcode updates are needed as existing mitigations are easily adapted to resolve the problem.
That's not intel's take, nor mine. Software doesn't recompile itself. Disappointing this is AMDs philosophy.
 
Joined
Jul 5, 2013
Messages
16,625 (5.40/day)
Location
USA
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Software Android 4.4.4R5 Custom
That's not intel's take, nor mine. Software doesn't recompile itself. Disappointing this is AMDs philosophy.
Um, ok. You read the whitepaper pdf then?
 
Joined
Apr 15, 2021
Messages
419 (1.75/day)
In the eyes of these companies, you're just a toilet bug that they're profiting off of. When it comes to making money and cutting costs, they all behave the same way. When it comes down to it, its more of a personal preference of which you're able/willing to tolerate. :laugh:

P.S.: Can we get a "toilet bug" emoji? :laugh:
 
Joined
May 13, 2015
Messages
292 (0.12/day)
Processor AMD Ryzen 3800X / AMD 8350
Motherboard ASRock X570 Phantom Gaming X / Gigabyte 990FXA-UD5 Revision 3.0
Cooling Stock / Corsair H100
Memory 32GB / 24GB
Video Card(s) AMD Radeon 290X (Toggling until 6950XT)
Storage C:\ 1TB SSD, D:\ RAID-1 1TB SSD, 2x4TB-RAID-1
Display(s) Samsung U32E850R
Case be quiet! Dark Base Pro 900 Black rev. 2 / Fractal Design
Power Supply EVGA Supernova 1300G2 / EVGA Supernova 850G+
Mouse Logitech M-U0007
Keyboard Logitech G110 / Logitech G110
Don't you just love that misinforming article title?
Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
 
Joined
Aug 20, 2007
Messages
16,560 (3.17/day)
System Name Pioneer
Processor Ryzen R9 5950X
Motherboard GIGABYTE Aorus Elite X570
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ 32GB (4 x 8GB) @ DDR4-3600 (Samsung B-Die)
Video Card(s) EVGA GeForce RTX 3070 FTW3
Storage 2x Mushkin Pilot-E 2TB NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) VGA HDMI->LG B9 OLED/Schiit Modi MB/Asgard 2 DAC/Amp to AKG Pro K712 Headphones
Power Supply EVGA SuperNova T2 Titanium 850W
Mouse Razer Deathadder v2
Keyboard 1991 IBM Model M (Second Generation White Label Part #1391401)
Software Windows 11 Enterprise (yes, it's legit)
Um, ok. You read the whitepaper pdf then?
Yeah, I glanced at it but this really isn't technical to understand. I disagree with AMDs approach to remedy this. You'd need to hope all software is "spectre-vulnerability ready." That is not realistic to expect in a closed source ecosystem like windows.

Anything that purely shifts the blame to the vendor of the software like this is as good as nothing, it's passing the buck, and that's all.
 
Last edited:
Joined
Apr 15, 2021
Messages
419 (1.75/day)
Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
Yeah, looks like we have ourselves a set of butt cheeks in front of us with some security business to attend to. One cheek is stamped with Intel, and the other AMD. You can never go wrong regardless of which one we kick, but if we kick the same one too much, for some reason it just gets bigger with all the swelling and the pair end up being out of proportion. Both Intel & AMD need to be addressing security issues given how ubiquitous this stuff is throughout the industries.
 
Joined
Jul 5, 2013
Messages
16,625 (5.40/day)
Location
USA
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
Software Android 4.4.4R5 Custom
Yeah, I glanced at it but this really isn't technical to understand. I disagree with AMDs approach to remedy this. You'd need to hope all software is "spectre-vulnerability ready." That is not realistic to expect in a closed source ecosystem like windows.

Anything that purely shifts the blame to the vendor of the software like this is as good as nothing, it's passing the buck, and that's all.
I think you might be misunderstanding this situation. AMD isn't passing the buck, they are saving time and money for everyone. The mitigation for this vulnerability is just a minor, easily made, change to existing mitigations. As I said, it's almost nothing-sauce.

Yeah, AMD has a vulnerability and Intel has it but let's focus 99% on AMD because that is objective.</sarcasm>
On page 4, section 5 of the pdf, the researchers clearly define the Intel side of things by stating:
We also tested Intel CPUs for such behaviour. All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here.
They did not elaborate further as existing meltdown mitigations are very likely to solve the problem. While this was not stated(and yes it should have been), it was implied.
 
Joined
Feb 3, 2017
Messages
3,223 (1.82/day)
Processor R5 5600X
Motherboard ASUS ROG STRIX B550-I GAMING
Cooling Alpenföhn Black Ridge
Memory 2*16GB DDR4-2666 VLP @3800
Video Card(s) Geforce RTX 3070 FE
Storage 1TB Samsung 970 Pro, 2TB Intel 660p
Display(s) ASUS PG279Q, Eizo EV2736W
Case Dan Cases A4-SFX
Power Supply Corsair SF600
Mouse Corsair Ironclaw Wireless RGB
Keyboard Corsair K60
VR HMD HTC Vive
They did not elaborate further as existing meltdown mitigations are very likely to solve the problem. While this was not stated(and yes it should have been), it was implied.
They did elaborate further and MDS mitigations seem to work against it:
All Intel CPUs that are vulnerable to MDS attacks inherently have the same flaw described here. We tested one MDS-resistant Intel(R) Core(TM) i7-10510U, and we did not detect such a flaw.
 
Top