Severe processor vulnerabilities discovered on AMD Ryzen Processors - 13 vulnerabilities reported

Discussion in 'Technology News' started by bssunilreddy, Mar 14, 2018.

  1. bssunilreddy

    bssunilreddy Well-Known Member

    Severe processor vulnerabilities discovered on AMD Ryzen Processors - 13 vulnerabilities reported

    CTS gave AMD 24 hours notice before they made their findings public... something smells fishy here

    AMD came out of the Spectre and Meltdown controversies without much of a hit, with Intel bearing the brunt of the issues. Now it looks like AMD has vulnerabilities of their own, with CTS-Labs, an Israeli security company, announcing that AMD has 13 vulnerabilities that affect their Ryzen CPU lineup, hitting all product lines from Ryzen mobile to EPYC.

    What is most worrying is that these flaws have been found within AMD's secure processor, an area within modern processors which is designed to maintain system security. It has also been reported that CTS Labs gave AMD less than 24 hours notice before making their findings public, which is a lot lower than the standard 90-days notice which is common within the industry. Intel was given 90 days notice for both Spectre and Meltdown, whereas AMD got less than a day, making CTS Labs' conduct here questionable at best.

    With all of this news coming out so quickly and seemingly out of nowhere, CTS Labs' findings must be called into question. At a minimum, this is atrocious conduct on the part of CTS from a security standpoint, especially when given the fact that AMD has not validated their findings. Take this news with a grain of salt for now, as this is a situation that is wholly unlike Spectre and Meltdown.

    A CTS Labs security audit revealed multiple critical security vulnerabilities and manufacturer backdoors in AMD’s latest EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile processors. These vulnerabilities have the potential to put organizations at significantly increased risk of cyber-attacks.

    CTS Labs has produced a white paper report further detailing these vulnerabilities available at amdflaws.com. CTS Labs has also shared this information with AMD, Microsoft, HP, Dell, and select security companies, in order that they may work on developing mitigations and patches, and examine and research these and any other potential vulnerabilities at the Company. CTS Labs has also shared this information with relevant U.S. regulators.


    If these reported issues are genuine, they are not as readily exploitable as Spectre and Meltdown, seemingly requiring elevated administrator rights in many cases or in the case of Masterkey, the installation of BIOS-based Malware. For now, it seems like these issues are difficult to exploit, making these problems nowhere near as problematic as Spectre and Meltdown.

    AMD is currently assessing CTS Labs' reported vulnerabilities, though the lack of notice from CTS has placed them in a position where they still have to develop a fix from scratch, leaving systems vulnerable in the meantime. It is possible that these issues are not as bad as CTS Labs fears, though they have regardless placed AMD in an awkward position. Below is a statement from an AMD spokesperson, as seen on CNET.


    At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise. We are investigating this report, which we just received, to understand the methodology and merit of the findings,


    The four major vulnerabilities that were found by CTS Labs are called Ryzenfall, Masterkey, Fallout and Chimera, each of which affects some or all of AMD's Ryzen CPU lineup. AMD is yet to confirm whether or not CTS Labs' reports are correct, mostly due to their lack of a standard vulnerability disclosure period.

    CTS Labs has stated in the video below that they want to "bring it [the issue] to public awareness before it becomes a real problem for society, not after". Sadly what they may have done was disclose critical vulnerabilities before anyone had the chance to mitigate their effects, carelessly leaving Ryzen-powered systems insecure in the process.



    More information about CTS Labs' reported vulnerabilities is available on amdflaws.com, citing issues with AMD's Ryzen chipset design (which uses ASMedia IP) and AMD's Secure Processor. Expect more information about these exploits to be released over the coming days and weeks.

    At this time AMD has not validated that any of these exploits work, which means that these exploits could still be proven to be false, a mistake from CTS or an outright fabrication. Regardless CTS Labs' reported 24 hours of notice is downright shady, breaking proper protocol and leaving countless systems vulnerable if their reports are true.

    CTS Labs was founded in 2017, acting as a "cyber-security consultancy firm specialising in ASIC and embedded systems security". As a newcomer to the industry, the company's quick public disclosure could be attributed to inexperience, though the way that this has gone down cannot be described as anything other than questionable and shady.

    At this time these security concerns seem overblown, with CTS' whitepaper seemingly detailing issues that can only arise when combined with heightened security privileges, signed drivers or BIOS modification, all things that shouldn't be a problem for most users.

    Update - Below is an official statement from AMD which says that CTS Labs was previously unknown to AMD and that they find it unusual for a security firm to publish its findings without providing the affected party with a reasonable amount of time/disclosure to either investigate or address the issue.


    We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise. We will update this blog as news develops.

    Source: Severe processor vulnerabilities discovered on AMD Ryzen Processors - 13 vulnerabilities reported
     
  2. Nerevarine

    Nerevarine Well-Known Member

     
    gta5 likes this.
  3. billubakra

    billubakra Well-Known Member

    In a nutshell any fix? Sorry couldn't read the whole post.
     
  4. whitestar_999

    whitestar_999 Super Moderator

    Fishy story:
    https://www.ensilo.com/faq/chimera-ryzenfall-fallout-masterkey/
    Security Firm Under Fire Over Disclosure of AMD Chip Flaws | SecurityWeek.Com
     
  5. billubakra

    billubakra Well-Known Member

  6. OP
    bssunilreddy

    bssunilreddy Well-Known Member

    AMDFLAWS
    A raft of flaws in AMD chips makes bad hacks much, much worse

    In our opinion, the basic nature of some of these vulnerabilities amounts to complete disregard of fundamental security principles. This raises concerning questions regarding security practices, auditing, and quality controls at AMD.
     
    billubakra likes this.
  7. whitestar_999

    whitestar_999 Super Moderator

    In simple English, all these vulnerabilities require admin privilege to run & install a special maliciously signed driver/flash BIOS, but if a hacker already has admin privilege to do all this then that system is already compromised. The only worrying thing is that one of the vulnerabilities can result in hiding malware inside the processor which can survive even a reinstall of the OS. However, all this is still not officially confirmed by AMD, so first let's wait for that.
     
  8. chimera201

    chimera201 Well-Known Member

    Suspicious. Wait for confirmation from third party security researchers.
     
  9. billubakra

    billubakra Well-Known Member

    I wonder if any hacker in the world will be so free to look into my PC.
     
  10. whitestar_999

    whitestar_999 Super Moderator

    No one unless you decide to send some really offensive mail or threat to some 3 letter/similar agency.
     
    bssunilreddy likes this.
  11. OP
    bssunilreddy

    bssunilreddy Well-Known Member

    If any software that you download already has malicious code injected into it, then AMD Ryzen processors or systems cannot mitigate such a threat.

     
  12. Hrishi

    Hrishi ******************

    Common folks should take more interest in the basics (first) than to pee in their pants over such news, nonetheless.

    You're more prone to someone phishing/luring the crap out of you than becoming a victim of EOP exploits or remote flaw execution, buffer overflow etc.


     
    bssunilreddy likes this.
  13. whitestar_999

    whitestar_999 Super Moderator

    That's not correct. All these exploits require having admin privilege first & even after that you need to flash a specially made BIOS &/or a specially made malicious signed driver (aka not just any driver, from a specific company, meaning you probably need to hack that company's servers too first). There is no "malicious software" which when simply run (unless run as admin) can exploit all these vulnerabilities.
     
  14. OP
    bssunilreddy

    bssunilreddy Well-Known Member

    Normally while installing any new software in Windows 10 it usually asks for admin privileges, right?
    Like this, any maliciously written software can be installed by us without us end-users knowing, right?
     
  15. billubakra

    billubakra Well-Known Member

    Good thing, I won't be doing that.

    I don't download or install crap software anyway.
     
  16. whitestar_999

    whitestar_999 Super Moderator

    When we talk about malware we usually mean malicious scripts, malicious web pages, few hundred KB exe, not a full software download containing a driver & BIOS. Also, by this logic of "allowing malicious software to install" nothing is safe & any processor & OS can be infected. As I said, let's wait for AMD's official reply & more reputable 3rd party security sites' reviews after that.
     
  17. quicky008

    quicky008 Well-Known Member

    So have the findings of this security agency been validated yet by any other reputable source/security firm? Are these risks really as serious as have been portrayed by this company, or is it just a case of gross exaggeration for ulterior motives?

    Now that these flaws have been unveiled, is it a good idea to go for a Ryzen based system anymore?
     
  18. OP
    bssunilreddy

    bssunilreddy Well-Known Member

    Linus Torvalds casts shade on CTS Labs' AMD CPU flaw disclosure | TheINQUIRER
    Chaos reigns as Ryzenfall pits security researchers against each other
     
  19. whitestar_999

    whitestar_999 Super Moderator

    As of now the general consensus is "gross exaggeration". Ryzen is still better than Intel.
     
    billubakra likes this.
