The exposure of ghost and fusing loopholes has made people pay more attention to the security of CPU processor than ever before, especially the impact on Intel. Since then, new loopholes have been exposed, with different severity and impact range.
Researchers at the University of Technology in Graz, Austria, published a paper saying they have discovered two new ways of attacking AMD processors Collide Probe、Load Reload, collectively called
The vulnerability is described as a new side channel attack mode, belonging to the famous spectre series.
The leak affects all processors, including the bulldozer family and the Zen family, for AMD 2011-2019 years, researchers said.
The researchers tested 15 different types of AMD processors, includingThe old architecture did not exist in the early years, including the K8 architecture of X2 64 The Yilong II X6 of K10 Architecture 1055T and hyun dragon II Neo N40L,Bobcat bobcat architecture of the E-450、Jaguar puma architecture of the fast dragon 5350.
Since then, all the new architecture processors have fallen, including the bulldozer architecture FX-4100、 the pile driver architecture FX-8350、 the excavator architecture of the A10-7870K、Zen architecture of the thread ripper 1920 X/1950X and the Xiaolong 7401 p/7571、Zen architecture of the thread ripper 2970 architecture of the sharp dragon 7 3700X.
Two of them were tested in the cloud, and the other processors were tested locally in the laboratory.
The researchers did not mention whether Intel processors were affected.
The researchers say,They fed back the vulnerability to AMD on August 23, 2019 but has not seen a security update, and now public disclosure is in line with industry practice.
Fortunately, amd quickly made an official response, telling everyone not to worry.
Look at this, amd doesn't think that this so-called new vulnerability has a real security threat, nor will it issue updated patches. It just suggests that users ensure that the operating system is the latest version, update all patches, and pay attention to daily operation security.