Skip to main content

AMD processors have a worrying security flaw

(Image credit: Image Credit: AMD)

Most recent AMD processors contain flaws that allow hackers to gain access to sensitive data. The company was notified of the issue in August, but is yet to release a patch.

Security researchers from the Graz University of Technology have published a paper describing the flaws, which affect processors built within the last eight year.

The vulnerability is comprised of two exploits - Collide+Probe and Load+Reload - collectively referred to as Take A Way. These side channel attacks manipulate the L1D cache predictor to gain access to sensitive data.

"With Collide+Probe, an attacker can monitor a victim’s memory accesses without knowledge of physical addresses or shared memory when time-sharing a logical core," said the paper, shared via Twitter by researcher Moritz Lipp.

"With Load+Reload, we exploit the way predictor to obtain highly-accurate memory-access traces of victims on the same physical core. While Load+Reload relies on shared memory, it does not invalidate the cache line, allowing stealthier attacks that do not induce any last level-cache evictions.“

Researchers have already succeeded in harnessing the exploits on Chrome and Firefox web browsers.

In a statement issued on the company website, AMD said it was “aware” of the claims, but researchers say the flaws remain active at the time of writing.

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.