Vulnerability Exposes To Data Theft
AMD processors manufactured between 2011 and 2019 are vulnerable to two attacks – Collide+ Probe and Load+ Reload – both a subset of the ‘Take A Way' vulnerability, according to a paper published by researchers at the Graz University of Technology and first reported by Tom's Hardware.
These vulnerabilities, according to the report, could leak secret data from the processors or downgrade security features by manipulating the L1D cache predictor.
L1D cache way predictor, according to a Zdnet report, is a feature introduced in AMD processors in 2011 that serves to reduce power consumption by improving the way the CPU handles the cache data inside its memory.
The researchers had conveyed the vulnerabilities to AMD in August 2019 but the company hasn't fixed them yet, the report said.
AMD: ‘Not New Speculation-Based Attacks'
Responding to the vulnerabilities made public, AMD said in a release it's aware of the new white paper that claimed potential security exploits in AMD CPUs.
The company said these are not "new speculation-based attacks."
Detailing best practices that can counter any potential side-channel issues, AMD recommended keeping OS up-to-date by operating the latest version revisions of platform software and firmware, which include existing mitigations for speculation-based vulnerabilities.
The company also recommended secure coding methodologies, implementing the latest patched versions of critical libraries and using safe computer practice and running antivirus software.
AMD Price Action
AMD shares were down 4.67% to $46.22.