According to Tom’s Hardware, Intel’s security team identified a hole in AMD’s years-old remedy against Spectre-based vulnerabilities while doing its own study. In response, AMD has issued an update to its security bulletin, recommending an alternate mitigation method and providing additional guidance to software developers.
Spectre is a security issue that affects nearly all recent Intel and AMD processors and allows attackers to access critical data while remaining undetected. Researchers discovered last week that Intel and Arm CPUs are vulnerable to a new type of Spectre v2 attack called Branch History Injection (BHI), but it is only a proof-of-concept.
During Intel’s examination of this new potential vulnerability, the company investigated AMD’s LFENCE/JMP Spectre protection, which AMD has been using since 2018. Surprisingly, experts discovered that it did not provide effective protection against the threat. According to AMD’s security bulletin, the newly identified security weakness affects second and third-generation Threadrippers as well as versions of AMD Ryzen processors in both laptop and desktop models. The researchers who discovered the new weakness ran their exploit on a Linux system and suggested mitigations such as the Retpoline fixes and disabling unprivileged eBPF on Linux systems that don’t already have it disabled. So far, there have been no reports of the exploit being used on other systems such as Windows.
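To check a Linux host against the two mitigations mentioned above, the following added example (not from the article or from AMD's bulletin) classifies the kernel's reported Spectre v2 mitigation and the unprivileged eBPF setting. The function names and verdict labels are hypothetical, and the status strings it matches are assumptions based on mainline kernel wording, which varies by kernel version.

```shell
#!/bin/sh
# Added example (not from the article): classify a Linux host's Spectre v2
# posture from two kernel-exported values. The status strings matched below are
# assumptions based on mainline kernel wording, which varies by version.
SPECTRE_V2_FILE=/sys/devices/system/cpu/vulnerabilities/spectre_v2
BPF_SYSCTL_FILE=/proc/sys/kernel/unprivileged_bpf_disabled

# classify_spectre_v2 STATUS_LINE BPF_VALUE -> prints "<mitigation> <bpf-state>"
classify_spectre_v2() {
    case "$1" in
        "Not affected"*)        csv_mit=not-affected ;;
        Vulnerable*)            csv_mit=vulnerable ;;
        # LFENCE/JMP: "Full AMD retpoline" in older kernels, "LFENCE" in newer ones.
        "Mitigation: LFENCE"*|*"AMD retpoline"*) csv_mit=lfence ;;
        *etpoline*)             csv_mit=retpoline ;;
        "Mitigation:"*)         csv_mit=other ;;
        *)                      csv_mit=unknown ;;
    esac
    case "$2" in
        0)   csv_bpf=bpf-open ;;        # unprivileged users may load eBPF programs
        1|2) csv_bpf=bpf-restricted ;;  # unprivileged eBPF is disabled
        *)   csv_bpf=bpf-unknown ;;     # sysctl missing or unreadable
    esac
    echo "$csv_mit $csv_bpf"
}

# needs_action VERDICT -> exit status 0 when the host relies on LFENCE/JMP, has
# no (or an unreadable) Spectre v2 mitigation, or allows unprivileged eBPF.
needs_action() {
    case "$1" in
        lfence*|vulnerable*|unknown*|*bpf-open) return 0 ;;
        *) return 1 ;;
    esac
}

# Check the live host; missing files yield empty strings and an "unknown" verdict.
live_status=$(cat "$SPECTRE_V2_FILE" 2>/dev/null || true)
live_bpf=$(cat "$BPF_SYSCTL_FILE" 2>/dev/null || true)
verdict=$(classify_spectre_v2 "$live_status" "$live_bpf")
if needs_action "$verdict"; then
    echo "review: $verdict ($live_status)"
else
    echo "ok: $verdict"
fi
```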
Patches for Spectre-related vulnerabilities have been known to degrade performance, particularly on older hardware. The folks at testing platform Phoronix investigated the impact of the early patches on both AMD and Intel chips in 2019 and discovered that Intel chips are significantly more likely to be bogged down by performance issues as a result of their fixes, whereas AMD CPUs are far less affected.