
Zenbleed: an AMD Zen 2 speculative vulnerability

Tavis Ormandy reports on a vulnerability that he has found in "all Zen 2 class processors" from AMD. (Wayback Machine link as the original site is overloaded.) It can allow local attackers to recover data used in string operations; "If you remove the first word from the string 'hello world', what should the result be? This is the story of how we discovered that the answer could be your root password!" The report has lots of details, including an exploit; AMD has released a microcode update to address the problem.
> We now know that basic operations like strlen, memcpy and strcmp will use the vector registers - so we can effectively spy on those operations happening anywhere on the system! It doesn't matter if they're happening in other virtual machines, sandboxes, containers, processes, whatever!
>
> This works because the register file is shared by everything on the same physical core. In fact, two hyperthreads even share the same physical register file.


Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 24, 2023 19:15 UTC (Mon) by flussence (guest, #85566) [Link] (12 responses)

Yesterday I noticed by complete chance my (nearly 4-year-old) motherboard had a BIOS update last week. It probably doesn't fix the unstable XMP RAM timings or the broken, nonfunctional PSP/CCP — they don't care about those because they weren't needed to get a Windows XP gold star sticker — but does it at least have this microcode? I have no idea! Isn't proprietary software fun?

and I just rebooted into 6.4.5 too… well what's one more. (sigh)

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 3:57 UTC (Tue) by flussence (guest, #85566) [Link] (11 responses)

Answering my own (rhetorical) question(s) after some wandering around the web for more info: No, AGESA 1.2.0.8 does not have this microcode. Nor does 1.2.0.A. The one that supposedly does is 1.2.0.C which they're keeping to themselves until December, to say nothing of the lag added by motherboard vendors.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 11:39 UTC (Tue) by ernstp (guest, #13694) [Link] (10 responses)

Isn't this kind of microcode enough.. ?
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/...

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 11:58 UTC (Tue) by hawk (subscriber, #3195) [Link] (9 responses)

It's possible that this *kind* of microcode update is enough (I'm not 100% sure, but it would make sense). However, what is actually there is only for a few affected models (EPYC specifically? that would fit what AMD is saying).

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 12:25 UTC (Tue) by paulj (subscriber, #341) [Link] (8 responses)

Seems to cover all the family 0x19h and 0x17h CPUs (there are 2 commits)? The microcode file seems to be family specific - not more granular?

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 20:38 UTC (Tue) by flussence (guest, #85566) [Link] (7 responses)

I've now seen multiple corroborated reports that the CPU models listed in the amd-ucode directory readme are all that's actually there - i.e. everyone with a socket AM4 chip is screwed for the next six months.

Which… sounds entirely on brand for the company that didn't have a real cpufreq driver for three years. Not impressed with AMD right now.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 22:28 UTC (Tue) by paulj (subscriber, #341) [Link] (6 responses)

Ah, agreed, yeah. Seems the file is a bunch of patches to the µcode (?). You don't need to believe the readme, apparently this python script can parse the bin file and print the info: https://github.com/AMDESE/amd_ucode_info

Though, AM4? Isn't that Zen - while this vulnerability affects Zen2?

Maybe... the issue doesn't affect the CPUs they didn't issue patches for?

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 22:52 UTC (Tue) by tao (subscriber, #17563) [Link]

Should be fairly easy to confirm, no? There's a proof of concept available.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 22:57 UTC (Tue) by farnz (subscriber, #17727) [Link] (2 responses)

Socket AM4 is all Ryzen family processors that support DDR4. Socket AM5 is for CPUs that only support DDR5. Thus, AM4 is used for Zen, Zen + Zen 2 and Zen 3 processors, while AM5 is Zen 4 only.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 26, 2023 12:06 UTC (Wed) by paulj (subscriber, #341) [Link] (1 responses)

Ah, yes. It's still not clear to me if the microcode updates for the 0x17h and 0x19h CPUs do or do not cover all the affected CPUs.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 26, 2023 13:39 UTC (Wed) by MarcB (subscriber, #101804) [Link]

They do NOT cover all affected CPUs.

The microcode applies to - and fixes - our EPYC servers, but it does not apply to the equally affected Ryzen PRO 3xxx we use on small servers.

Also the PoC works scarily well. This vulnerability is on the level of Meltdown, i.e. much easier to exploit and providing a far higher leak rate than most Spectre attacks.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 26, 2023 8:40 UTC (Wed) by flussence (guest, #85566) [Link]

> Though, AM4? Isn't that Zen - while this vulnerability affects Zen2?

You're right - I'd forgotten just how glacial the hardware side of things moves sometimes (for the better :-)

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 27, 2023 4:43 UTC (Thu) by diegor (subscriber, #1967) [Link]

The original article mentions this processor:

AMD Ryzen 5000 Series Processors with Radeon Graphics

but the PoC doesn't work on this processor, and it is a Zen 3 CPU. It looks like it is really a Zen 2-only issue.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 24, 2023 19:38 UTC (Mon) by rfrancoise (subscriber, #15508) [Link] (3 responses)

The fix that went into 6.4.6 checks for microcode version 0x08701032 for my CPU (Ryzen 3700X, family 0x17, model 0x71) and that version doesn't seem to be included in the microcode updates in linux-firmware.git. I'm still running microcode 0x08701021 even after the update.
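
The check described in the comment above, as an added example that is not part of the original post or of the kernel: it parses /proc/cpuinfo-style text (a constructed sample is embedded) and compares each AMD CPU's microcode patch level against the minimum that carries the Zenbleed fix. Only the family/model/version triple quoted in the comment (family 0x17, model 0x71, 0x08701032) is encoded; grouping models 0x70-0x7f together is assumed here, and other Zen 2 models have to be added from the kernel's table before the result for them means anything.

```python
"""Report whether each CPU in a /proc/cpuinfo dump runs Zenbleed-fixed microcode."""

# Minimum microcode patch level with the Zenbleed fix, keyed by (family, models).
# Only the entry quoted in the comment above is filled in; the 0x70-0x7f grouping
# is an assumption of this example. Add further Zen 2 models from the kernel table.
FIXED_MICROCODE = {
    (0x17, range(0x70, 0x80)): 0x08701032,  # e.g. Ryzen 3700X (model 0x71)
}

# Constructed sample: one unpatched 3700X core (as in the comment), one patched
# core, and one non-AMD core. /proc/cpuinfo prints family and model in decimal.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: AuthenticAMD
cpu family\t: 23
model\t\t: 113
microcode\t: 0x8701021

processor\t: 1
vendor_id\t: AuthenticAMD
cpu family\t: 23
model\t\t: 113
microcode\t: 0x8701032

processor\t: 2
vendor_id\t: GenuineIntel
cpu family\t: 6
model\t\t: 142
microcode\t: 0xf0
"""


def parse_cpuinfo(text):
    """Split a /proc/cpuinfo dump into one {key: value} dict per processor."""
    cpus, cur = [], {}
    for line in text.splitlines():
        if not line.strip():          # blank line separates processor records
            if cur:
                cpus.append(cur)
                cur = {}
            continue
        key, _, val = line.partition(":")
        cur[key.strip()] = val.strip()
    if cur:
        cpus.append(cur)
    return cpus


def zenbleed_status(cpu):
    """Return 'fixed', 'unfixed', 'unknown-model' or 'not-amd' for one record."""
    if cpu.get("vendor_id") != "AuthenticAMD":
        return "not-amd"
    family, model = int(cpu["cpu family"]), int(cpu["model"])
    ucode = int(cpu["microcode"], 16)
    for (fam, models), min_ucode in FIXED_MICROCODE.items():
        if family == fam and model in models:
            return "fixed" if ucode >= min_ucode else "unfixed"
    return "unknown-model"          # not in the table: no conclusion drawn


def check(text=SAMPLE_CPUINFO):
    """Map processor number -> status for every record in the dump."""
    return {int(c["processor"]): zenbleed_status(c) for c in parse_cpuinfo(text)}


if __name__ == "__main__":
    for n, status in check(open("/proc/cpuinfo").read()).items():
        print(f"cpu{n}: {status}")
```

"unfixed" is the case the comment describes: the 6.4.6 kernel then falls back to its own workaround, which, as noted further down the thread, stays enabled even with mitigations=off because the bug is also a correctness problem.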

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 24, 2023 21:10 UTC (Mon) by intelfx (subscriber, #130118) [Link] (2 responses)

Looks like the workaround is not affected by `mitigations=off`. I wonder if that's intentional?

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 8:10 UTC (Tue) by dvrabel (subscriber, #9500) [Link] (1 responses)

It's a correctness bug not just a security one, so the workaround needs to be always enabled.

Zenbleed: an AMD Zen 2 speculative vulnerability

Posted Jul 25, 2023 11:17 UTC (Tue) by intelfx (subscriber, #130118) [Link]

Ah, I see, thanks.


Copyright © 2023, Eklektix, Inc.