TechPowerUp reports that security researchers discovered a staggering thirteen critical security vulnerabilities for AMD's "Zen" CPU microarchitecture
A quote from the article:
A quote from the article:
Security researchers with Israel-based CTS-Labs, have discovered a staggering thirteen critical security vulnerabilities for AMD's "Zen" CPU microarchitecture, which are as damning the three recent "Meltdown" and "Spectre" vulnerabilities that affect various CPU manufacturers at varying degrees (Intel, AMD, and ARM). The thirteen new CVEs are broadly classified into four groups based on the similarity in function of the processor that they exploit: "Ryzenfall," "Masterkey," "Fallout," and "Chimera."13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors @ techPowerUp
The researchers have redacted their whitepapers on each of the 13 new vulnerabilities, and have given AMD time for a response, before threatening to publish their whitepapers. The laws call for a 90-day notice period before a vulnerability is made public, so hardware/software manufacturers have time to address it. The Google Project Zero teams behind Meltdown/Spectre CVEs entered NDAs with chipmakers that lasted months, before they could make their findings public, earlier this year.
