new AMD bugs/vulnr #8
Edzo Botjes (edzob)
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
https://www.tomshardware.com/news/amd-discloses-31-new-cpu-vulnerabilities
AMD has also listed 28 vulnerabilities for its EPYC processors, four of which are high severity. Three of the high-severity variants enable arbitrary code execution through various attack vectors, while one allows writing data to certain regions that can lead to loss of data integrity and availability. Researchers also unearthed 15 other vulnerabilities ranked as medium severity and nine low-severity vulnerabilities.
AMD's chips have long been known for having fewer known vulnerabilities than Intel's models. However, it's hard to ascertain if the initially limited discoveries in AMD processors were due to a security-first approach to hardened processor design, or if researchers and attackers merely focused on Intel's processors due to their commanding market share: Attackers almost always focus on the broadest cross-section possible.
As such, AMD's recent success in clawing away market share from Intel, especially in the security-focused data center market, will find researchers turning their eyes more toward AMD's architectures in search of potential security gaps. AMD has also had several other new vulnerability disclosures in the recent past, including a Meltdown-esque variant that requires software re-coding, along with Hertzbleed and Take A Way.
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1032
Beta Was this translation helpful? Give feedback.
All reactions