About

All AMD CPUs affected with meltdown vulnerability

AMD has confirmed that all AMD CPUs are affected with a meltdown like vulnerability that impacted Intel CPUs earlier. The vulnerability was found by security researchers, Saidgani Musaev, Rodrigo Branco, Kekai Hu, and Ke Sun. The vulnerability was last found in October 2020. The security researchers waited for AMD to prepare a response to the vulnerability that falls under the category of data leakage with a MEDIUM impact.

What is the vulnerability on AMD processors?

The meltdown like vulnerability affects all the AMD processors. Until last week, the vulnerability was said to have impacted only the AMD Zen+ and Zen 2 processors. AMD revised the guidelines and stated that the vulnerability affects all the AMD processors. As part of the vulnerability AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits, thereby causing data leakage.

Mitigation

Mitigation for the processor speculation and information leakage vulnerability on AMD CPUs has been listed by AMD in a security document. AMD’s security document can be downloaded from this link.

As per AMD’s statement on its website –

AMD recommends that SW vendors analyze their code for any potential vulnerabilities related to this type of transient execution. Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques as described in the AMD speculation mitigation technique document.

from AMD website