AMD investigating claimed Ryzen, Epyc security flaws

March 14, 2018 // 11:17 a.m.

Tags: #amd #arrigo-triulzi #chimera #cts-labs #epyc #fallout #flaw #insecurity #masterkey #meltdown #ryzen #ryzenfall #ryzen-mobile #ryzen-pro #security #spectre #zen

Companies: #amd #cts-labs

AMD has confirmed it is investigating claims of new Meltdown-like flaws in its latest Zen-based processor families, following the publication - after a mere 24 hours notice - of a white paper by security firm CTS-Labs.

While the original Meltdown vulnerability in Intel processors was leaked ahead of schedule a few days before it was confirmed alongside the cross-vendor Spectre vulnerabilities, that leak came towards the end of a lengthy consultation period between the researchers who discovered the flaws and the companies whose products were affected. Not so the 13 vulnerabilities detailed by CTS-Labs, which gave AMD just one day's notice before launching a website making the details public.

According to CTS-Labs, the 13 flaws in the shared design of the Ryzen and Epyc processors are split into four catchily-named classes: Ryzenfall, Masterkey, Fallout, and Chimera. Each allows unauthorised access to the AMD Secure Processor, while some allow for the execution of unauthorised code on the Ryzen chipset itself without the need for a valid digital signature. All, the company claims, are serious and immediately exploitable, though not all flaws are applicable to all processors: Ryzen and Ryzen Pro chips are said to be vulnerable to Masterkey, Ryzenfall, and Chimera; Ryzen mobile parts to Masterkey and one Ryzenfall variant; and Epyc to Masterkey and Fallout.

AMD has confirmed that it is investigating the report, but some in the industry have raised concerns with CTS-Labs' claims. Researcher Arrigo Triulzi has posted an analysis of the whitepaper to Twitter claiming that it is 'over-hyped beyond belief. This is a whitepaper worthy of an ICO [Initial Coin Offering, the cryptocurrency equivalent of an Initial Public Offering and a financial branch heavy with fraud]. And yes, that is meant to be an insult.

'Conclusion, re-written: "we wrote an amazing media-whoring whitepaper and website about stuff which is barely beyond obvious so that we can short AMD stock because suckers and TVs will listen to us,"' Triulzi concludes. 'They hope the security community takes note of these findings. Right. Free threat analysis: the only one which I’d be worried about if you are a government agency is the chipset vulnerability. Having said this when was the last time you audited your Intel chipset?'

If financial gain through stock-market manipulation was indeed CTS-Labs' goal, it appears to have backfired: AMD's share price is up 1.04 on the news, and a further 0.77 percent in after-hours trading. CTS-Labs' whitepaper, meanwhile, is available on the amdflaws.com website.


Discuss this in the forums

QUICK COMMENT

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU