AMD 'Zenbleed' Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs: Most Patches Coming Q4 (Updated)
A huge Zen 2 leak requires a patch.
Update 7/24/23 5:40pm PT: Added a statement from Google and also a full list of all impacted processors and the expected dates for patches for each model.
Update 7/24/23 1:30pm PT: AMD has responded with key details and published a security advisory with the expected dates for new firmwares, many of which don't arrive until the end of the year. We have added that information to the original article below.
Original Article Published 7/24/23 8:45am PT:
Tavis Ormandy, a researcher with Google Information Security, posted today about a new vulnerability he independently found in AMD's Zen 2 processors. The 'Zenbleed' vulnerability spans the entire Zen 2 product stack, including AMD's EPYC data center processors and the Ryzen 3000/4000/5000 CPUs, and allows the theft of protected information from the CPU, such as encryption keys and user logins. The attack does not require physical access to the computer or server and can even be executed via JavaScript on a webpage.
AMD didn't have an advisory ready at the time of publication, but the company added the AMD-SB-7008 bulletin several hours later. AMD has patches ready now for its EPYC 7002 'Rome' processors, but it will not patch its consumer Zen 2 Ryzen 3000, 4000, and some 5000-series chips until November and December of this year. The PS5, Xbox Series X and S, and Steam Deck are also powered by Zen 2 chips, but it remains unclear whether those are impacted. We're following up for more details. We have added the mitigation schedules further below.
AMD hasn't given specific details of any performance impacts but did issue the following statement to Tom's Hardware: “Any performance impact will vary depending on workload and system configuration. AMD is not aware of any known exploit of the described vulnerability outside the research environment.”
AMD's statement implies there will be some performance impact from the patches, but we'll have to conduct independent benchmarks when the patches arrive for the consumer Ryzen products. In the meantime, we've asked AMD for any ballpark figures it can share.
The Zenbleed vulnerability is filed as CVE-2023-20593 and allows data exfiltration (theft) at a rate of 30kb per core, per second, thus providing adequate throughput to steal sensitive information flowing through the processor. This attack works across all software running on the processor, including virtual machines, sandboxes, containers, and processes. The ability for this attack to read data across virtual machines is particularly threatening for cloud service providers and those who use cloud instances.
The attack requires only unprivileged arbitrary code execution. Ormandy has posted a security research repository and code for the exploit. The attack works by manipulating the register file to force a mispredicted instruction (meaning it exploits the speculative execution engine), as he describes below:
"The bug works like this, first of all you need to trigger something called the XMM Register Merge Optimization, followed by a register rename and a mispredicted vzeroupper. This all has to happen within a precise window to work.
We now know that basic operations like strlen, memcpy and strcmp will use the vector registers - so we can effectively spy on those operations happening anywhere on the system! It doesn't matter if they're happening in other virtual machines, sandboxes, containers, processes, whatever!
This works because the register file is shared by everything on the same physical core. In fact, two hyperthreads even share the same physical register file," says Ormandy.
AMD describes the exploit much more simply, saying, "Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information."
Ormandy says the bug can also be mitigated in software on multiple operating systems (e.g., "you can set the chicken bit DE_CFG[9]"), but this may come with a performance penalty. He strongly recommends applying the microcode update; his post also includes examples of software mitigations for other operating systems.
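The two mitigation paths above, a fixed microcode revision or the DE_CFG[9] chicken bit, can be turned into a per-host triage check that a fleet owner runs before and after the BIOS updates land. The script below is an added example written for this article; it is not code from AMD, from Ormandy's repository, or from Tom's Hardware. It assumes that Zen 2 parts are AMD family 0x17 with the model ranges in ZEN2_MODEL_RANGES (taken from the Linux kernel's Zen 2 handling, not from the article), that the only fixed microcode revision it knows is the Rome value 0x0830107A from AMD's table in this article (the other parts are left unknown, just as the table lists them as "?"), and that DE_CFG is MSR 0xC0011029 (AMD's MSR_AMD64_DE_CFG, an address not given on the page). The /proc/cpuinfo excerpts are constructed samples, not captures from real hosts.

```python
"""Added example: triage a host for CVE-2023-20593 (Zenbleed) exposure from /proc/cpuinfo."""
import os

ZEN2_FAMILY = 0x17
# Model ranges used to recognise Zen 2 cores. This is an assumption of the example
# (mirroring the Linux kernel's Zen 2 model handling), not a table from the article.
ZEN2_MODEL_RANGES = {
    "Rome / Castle Peak": range(0x30, 0x40),
    "Renoir":             range(0x60, 0x68),
    "Lucienne":           range(0x68, 0x70),
    "Matisse":            range(0x70, 0x80),
    "Mendocino":          range(0xA0, 0xB0),
}
# Fixed microcode revisions. The article's table publishes only the Rome value
# (0x0830107A) and lists the rest as "?", so those stay unknown rather than guessed.
FIXED_MICROCODE = {
    "Rome / Castle Peak": 0x0830107A,
    "Renoir": None, "Lucienne": None, "Matisse": None, "Mendocino": None,
}
DE_CFG_MSR = 0xC0011029      # MSR_AMD64_DE_CFG (AMD register reference; not on the page)
DE_CFG_CHICKEN_BIT = 1 << 9  # DE_CFG[9], the software workaround Ormandy names


def parse_cpuinfo(text):
    """Return (vendor, family, model, microcode) for the first core in /proc/cpuinfo text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields.setdefault(key.strip(), value.strip())  # first core wins
    return (fields.get("vendor_id", ""),
            int(fields.get("cpu family", "0")),
            int(fields.get("model", "0")),
            int(fields.get("microcode", "0"), 16))


def zen2_codename(vendor, family, model):
    """Name the Zen 2 part, or None if this is not a Zen 2 core."""
    if vendor != "AuthenticAMD" or family != ZEN2_FAMILY:
        return None
    return next((name for name, models in ZEN2_MODEL_RANGES.items() if model in models), None)


def assess(cpuinfo_text, de_cfg=None):
    """Classify a host. de_cfg is the raw DE_CFG MSR value, or None if it could not be read."""
    vendor, family, model, ucode = parse_cpuinfo(cpuinfo_text)
    name = zen2_codename(vendor, family, model)
    if name is None:
        return {"codename": None, "status": "not-zen2"}
    good = FIXED_MICROCODE[name]
    if good is not None and ucode >= good:
        status = "microcode-fixed"
    elif de_cfg is not None and de_cfg & DE_CFG_CHICKEN_BIT:
        status = "de_cfg-mitigated"
    elif good is None:
        status = "needs-mitigation (fixed microcode revision not yet published)"
    else:
        status = "needs-mitigation (microcode older than fix)"
    return {"codename": name, "microcode": hex(ucode), "status": status}


def read_de_cfg(cpu=0):
    """Read DE_CFG through the msr driver (needs root and the msr module); None if unavailable."""
    try:
        fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
        try:
            return int.from_bytes(os.pread(fd, 8, DE_CFG_MSR), "little")
        finally:
            os.close(fd)
    except OSError:
        return None


# Constructed /proc/cpuinfo excerpts for offline runs (not captured from real machines).
SAMPLE_ROME_FIXED = "vendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 49\nmicrocode\t: 0x830107a\n"
SAMPLE_ROME_OLD   = "vendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 49\nmicrocode\t: 0x8301030\n"
SAMPLE_MATISSE    = "vendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 113\nmicrocode\t: 0x8701021\n"
SAMPLE_INTEL      = "vendor_id\t: GenuineIntel\ncpu family\t: 6\nmodel\t\t: 158\nmicrocode\t: 0xf0\n"

if __name__ == "__main__":
    try:
        with open("/proc/cpuinfo") as f:
            print("this host:", assess(f.read(), read_de_cfg()))
    except OSError:
        pass  # not on Linux; fall through to the constructed samples
    for label, text in [("rome-fixed", SAMPLE_ROME_FIXED), ("rome-old", SAMPLE_ROME_OLD),
                        ("matisse", SAMPLE_MATISSE), ("intel", SAMPLE_INTEL)]:
        print(label, assess(text), assess(text, de_cfg=DE_CFG_CHICKEN_BIT))
```

Run it as root with the msr module loaded and it also reports whether the chicken bit is already set on the host; without that it still classifies the microcode. The important design point is the ordering in assess(): a microcode revision at or above the published fix wins, the DE_CFG[9] bit counts only as a fallback, and parts whose fixed revision AMD has not yet published are reported as needing mitigation rather than silently treated as patched.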
Here's a list of the impacted processors, and the schedule for the release of the AGESA versions to OEMs:
Processor | AGESA Firmware | Availability to OEMs | Microcode |
---|---|---|---|
2nd-Gen AMD EPYC Rome Processors | RomePI 1.0.0.H | Now | 0x0830107A |
Ryzen 3000 Series "Matisse" | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Target Dec 2023 (both) | ? |
Ryzen 4000 Series "Renoir" AM4 | ComboAM4v2PI_1.2.0.C | Target Dec 2023 | ? |
Threadripper 3000-Series "Castle Peak" | CastlePeakPI-SP3r3 1.0.0.A | Target Oct 2023 | ? |
Threadripper PRO 3000WX-Series "Castle Peak" | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.7 | Target Nov 2023 / Target Dec 2023 | ? |
Ryzen 5000 Series Mobile "Lucienne" | CezannePI-FP6_1.0.1.0 | Target Dec 2023 | ? |
Ryzen 4000 Series Mobile "Renoir" | RenoirPI-FP6_1.0.0.D | Target Nov 2023 | ? |
Ryzen 7020 Series "Mendocino" | MendocinoPI-FT6_1.0.0.6 | Target Dec 2023 | ? |
Below is a more detailed list with the model number of each impacted chip and the expected date for the new AGESA to arrive. AMD's AGESA is the code foundation on which OEMs build their BIOS revisions, so you will need to update to a BIOS built on the above-listed AGESA code, or newer, to patch your system.
“We are aware of the AMD hardware security vulnerability described in CVE-2023-20593, which was discovered by Tavis Ormandy, a Security Researcher at Google, and we have worked with AMD and industry partners closely. We have worked to address the vulnerability across Google platforms.” - Google spokesperson to Tom's Hardware.
Ormandy says he reported the issue to AMD on May 15, 2023. He also credits his colleagues: "I couldn't have found it without help from my colleagues, in particular Eduardo Vela Nava and Alexandra Sandulescu. I also had help analyzing the bug from Josh Eads."
Desktop CPU | New AGESA Firmware Version | Patch Due |
---|---|---|
Ryzen 3 3100 | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 3 3300X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 3 4100 | ComboAM4v2PI_1.2.0.C | Nov 2023 |
Ryzen 3 4300G | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 3 4300GE | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 4700S | ComboAM4v2PI_1.2.0.C | Nov 2023 |
Ryzen 5 3500 | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 5 3500X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 5 3600 | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 5 3600X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 5 3600XT | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 5 4500 | ComboAM4v2PI_1.2.0.C | Nov 2023 |
Ryzen 5 4600G | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 5 4600GE | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 7 3700X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 7 3800X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 7 3800XT | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 7 4700G | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 7 4700GE | ComboAM4v2PI_1.2.0.C | Dec 2023 |
Ryzen 9 3900 | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 9 3900X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 9 3900XT | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen 9 3950X | ComboAM4v2PI_1.2.0.C / ComboAM4PI_1.0.0.C | Dec 2023 |
Ryzen Threadripper 3960X | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.9 | Nov 2023 / Dec 2023 |
Ryzen Threadripper 3970X | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.8 | Nov 2023 / Dec 2023 |
Ryzen Threadripper 3990X | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.7 | Nov 2023 / Dec 2023 |
Ryzen Threadripper Pro 3945WX | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.13 | Nov 2023 / Dec 2023 |
Ryzen Threadripper Pro 3955WX | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.12 | Nov 2023 / Dec 2023 |
Ryzen Threadripper Pro 3975WX | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.10 | Nov 2023 / Dec 2023 |
Ryzen Threadripper Pro 3995WX | CastlePeakWSPI-sWRX8 1.0.0.C / ChagallWSPI-sWRX8 1.0.0.11 | Nov 2023 / Dec 2023 |
Mobile CPU | New AGESA Firmware Version | Patch Due |
---|---|---|
Ryzen 3 4300U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 3 5300U | CezannePI-FP6_1.0.1.0 | Dec 2023 |
Ryzen 3 7320U | MendocinoPI-FT6_1.0.0.6 | Dec 2023 |
Ryzen 5 4500U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 5 4600H | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 5 4600HS | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 5 4600U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 5 4680U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 5 5500U | CezannePI-FP6_1.0.1.0 | Dec 2023 |
Ryzen 5 7520U | MendocinoPI-FT6_1.0.0.6 | Dec 2023 |
Ryzen 7 4700U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 7 4800U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 7 4980U | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 7 5700U | CezannePI-FP6_1.0.1.0 | Dec 2023 |
Ryzen 9 4900H | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 9 4800H | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 9 4800HS | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Ryzen 9 4900HS | RenoirPI-FP6_1.0.0.D | Nov 2023 |
Server CPU | New AGESA Firmware Version | Patch Available |
---|---|---|
EPYC 7232P | RomePI 1.0.0.H | Now |
EPYC 7252 | RomePI 1.0.0.H | Now |
EPYC 7262 | RomePI 1.0.0.H | Now |
EPYC 7272 | RomePI 1.0.0.H | Now |
EPYC 7282 | RomePI 1.0.0.H | Now |
EPYC 7302 | RomePI 1.0.0.H | Now |
EPYC 7302P | RomePI 1.0.0.H | Now |
EPYC 7352 | RomePI 1.0.0.H | Now |
EPYC 7402 | RomePI 1.0.0.H | Now |
EPYC 7402P | RomePI 1.0.0.H | Now |
EPYC 7452 | RomePI 1.0.0.H | Now |
EPYC 7502 | RomePI 1.0.0.H | Now |
EPYC 7502P | RomePI 1.0.0.H | Now |
EPYC 7532 | RomePI 1.0.0.H | Now |
EPYC 7542 | RomePI 1.0.0.H | Now |
EPYC 7552 | RomePI 1.0.0.H | Now |
EPYC 7642 | RomePI 1.0.0.H | Now |
EPYC 7662 | RomePI 1.0.0.H | Now |
EPYC 7702 | RomePI 1.0.0.H | Now |
EPYC 7702P | RomePI 1.0.0.H | Now |
EPYC 7742 | RomePI 1.0.0.H | Now |
EPYC 7F32 | RomePI 1.0.0.H | Now |
EPYC 7F52 | RomePI 1.0.0.H | Now |
EPYC 7F72 | RomePI 1.0.0.H | Now |
EPYC 7H12 | RomePI 1.0.0.H | Now |
Paul Alcorn is the Managing Editor: News and Emerging Tech for Tom's Hardware US. He also writes news and reviews on CPUs, storage, and enterprise hardware.
JamesJones44:
It's kind of a bummer that we've entered an age where a processor's ability to operate at peak performance is limited to a time window. Hopefully they can come up with a way to mitigate/patch these at the hardware level at some point in future designs.

rluker5:
Aren't consoles Zen 2?
Hope this gets fixed faster than the similar SQUIP vulnerability.

deksman:
> JamesJones44 said: It's kind of a bummer that we've entered an age where a processor's ability to operate at peak performance is limited to a time window. Hopefully they can come up with a way to mitigate/patch these at the hardware level at some point in future designs.
That depends on what each company classifies as 'peak performance' and how they modify their chips to behave.
This will of course depend on the voltage, core temps, etc... however, one can always reduce the frequencies a bit and lose about 5% performance if it means the processor can operate at its peak 24/7.
Usually, CPUs can be modified to hit a given frequency for a small window before throttling back... but in fairness, this usually happens on laptops, which have tighter thermal constraints vs desktops.

hotaru.hino:
> JamesJones44 said: It's kind of a bummer that we've entered an age where a processor's ability to operate at peak performance is limited to a time window. Hopefully they can come up with a way to mitigate/patch these at the hardware level at some point in future designs.
Unless we develop CPUs out of FPGAs, you can't really patch hardware. Once it's etched in the silicon, that's it.
A lot of the problems simply stem from design oversights. That, or they were aware of the problem but considered the feasibility of it being exploited too impractical for the performance benefit. At the end of the day though, you have to move a slider between security and performance, because the two are mutually exclusive.

YouFilthyHippo:
I'm still on a 2-year-old BIOS. I'm not upgrading. Ya, my PC is vulnerable, to who? The random guy that's going to pick me out of a billion people and somehow know that I have a Zen 2 chip. Ya, these vulnerabilities exist, but in practice they are completely irrelevant, unless you're a big datacenter/big company with sensitive data. A home PC gamer shouldn't be worried.

jeremyj_83:
> YouFilthyHippo said: I'm still on a 2-year-old BIOS. I'm not upgrading. Ya, my PC is vulnerable, to who? The random guy that's going to pick me out of a billion people and somehow know that I have a Zen 2 chip. Ya, these vulnerabilities exist, but in practice they are completely irrelevant, unless you're a big datacenter/big company with sensitive data. A home PC gamer shouldn't be worried.
Most of these security vulnerabilities aren't a big deal for home users. However, they are a big deal for corporate desktops and especially servers.

RedBear87:
> NeoMorpheus said: I bet you he is sponsored by Intel and Ngreedia.
Sure, and all those security vulnerabilities affecting various Intel CPUs in the past were discovered by AyyMD-sponsored researchers... it's much more likely that now that AMD has become relevant again, guess what, people spend time trying to find and warn about security issues affecting their CPUs...

hotaru.hino:
> Thunder64 said: It is (or should be) known that Paul Alcorn is a known Intel fan. His Best CPUs articles are a joke with comments turned off so no one can dispute him.
Or it's because any time there's an X vs Y thread, it devolves into an uncivilized poopshow.

King_V:
Hold up a second...
AMD Ryzen 5000 Series Processors with Radeon Graphics
These are Zen 2?

hotaru.hino:
> King_V said: Hold up a second... These are Zen 2?
These laptop APUs were Zen 2 based:
Ryzen 7 5700U
Ryzen 5 5500U
Ryzen 3 5300U