Jump to content
  • SeedTheNet
  • Return Address Security Bulletin - AMD Inception Attack


    SeedTheNet

    Return Address Security Bulletin

    Bulletin ID: AMD-SB-7005
    Potential Impact: Data Confidentiality
    Severity: Medium

    Summary

    AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. The attack can result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. This attack is similar to previous branch prediction-based attacks like Spectrev2 and Branch Type Confusion (BTC)/RetBleed. As with similar attacks, speculation is constrained within the current address space and to exploit, an attacker must have knowledge of the address space and control of sufficient registers at the time of RET (return from procedure) speculation. Hence, AMD believes this vulnerability is only potentially exploitable locally, such as via downloaded malware, and recommends customers employ security best practices, including running up-to-date software and malware detection tools.

    AMD is not aware of any exploit of ‘Inception’ outside the research environment at this time.

    Refer to Glossary for explanation of terms

    CVE Details

    CVE-2023-20569

    A side channel vulnerability in some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure.

    Mitigation

    AMD recommends customers apply either the standalone µcode patch or a BIOS update that incorporates the µcode patch, as applicable, for products based on “Zen 3” and “Zen 4” CPU architectures. AMD plans to release updated AGESA™ versions to Original Equipment Manufacturers (OEM), Original Design Manufacturers (ODM) and motherboard manufacturers (MB) on the target dates listed below. Please refer to your OEM, ODM, or MB for a BIOS update specific to your product, which will follow after the dates listed below, as applicable.

    AMD recommends customers apply either the standalone µcode patch or a BIOS update that incorporates the µcode patch, as applicable, for products based on “Zen 3” and “Zen 4” CPU architectures. AMD plans to release updated AGESA™ versions to Original Equipment Manufacturers (OEM), Original Design Manufacturers (ODM) and motherboard manufacturers (MB) on the target dates listed below. Please refer to your OEM, ODM, or MB for a BIOS update specific to your product, which will follow after the dates listed below, as applicable. No µcode patch or BIOS update, which includes the µcode patch, is necessary for products based on “Zen” or “Zen 2” CPU architectures because these architectures are already designed to flush branch type predictions from the branch predictor.

    Operating system (OS) configuration options may also be available to help mitigate certain aspects of this vulnerability. AMD recommends users evaluate their risk environment (including the risk of running untrusted local code) when deciding on OS mitigation options and refer to OS-specific documentation for guidance. “Zen 3” and “Zen 4” based systems will require the µcode patch, which is incorporated in the BIOS update, prior to enabling OS configuration options.

     

    image.png.542a3b489dd3fd24d749dba446ddc820.png

     

    image.png.23a63da685177264529dc656998dfba4.png

    image.png.066b85d02ca003fe7e78a8bd1017295e.png 

    image.png


    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...

Important Information

Privacy Policy