Researchers allegedly reveal serious vulnerabilities in AMD processors

Tel Aviv-based hardware security firm CTS Labs dropped a bombshell yesterday (13 March), warning that some AMD processors contain vulnerabilities described as “critical”. The announcement was made via a standalone website, a series of videos and an accompanying whitepaper.

An array of flaws

Many of the claims within the whitepaper are damning, with researchers claiming the existence of “an array of hidden manufacturer backdoors inside AMD’s Promontory chipsets” and saying the Ryzen and Ryzen Pro chipsets could not have passed “even the most rudimentary white-box security review”.

The whitepaper also claims the backdoors were placed in the processors by ASMedia, a Taiwanese manufacturer recently fined by the FTC for ignoring hardware vulnerabilities. According to CTS, the flaws are in AMD’s EPYC, Ryzen, Ryzen Pro and Ryzen Mobile lines of processors.

The four vulnerability classes (13 individual vulnerabilities total) have been labelled Masterkey, Ryzenfall, Fallout and Chimera and require attackers to first gain administrative control of a targeted network or computer (not an impossible feat). Once achieved, bad actors could then exploit the vulnerabilities to run persistent malware that is near impossible to detect, or to steal credentials a vulnerable computer uses to access networks, among other nefarious actions.

Scepticism arises

Some people within the security community are sceptical of the report from CTS. Critics of the report have noted highly unusual disclaimers within the report relating to CTS possibly having “an economic interest in the performance of the securities of the companies” implicated. Many are querying whether CTS could see a financial benefit from a drop in AMD stock prices, which is likely after such a massive threat disclosure. People also noted that CTS only provided AMD with a single day’s grace before publicly releasing the report, with many noting this was not exactly adhering to responsible disclosure guidelines.

AMD told Wired: “We are investigating this report, which we just received, to understand the methodology and merit of the findings.”

Conflicting opinions

Arrigo Triulzi, a Google security researcher, described the research as “over-hyped beyond belief” and many others are worried the claims could be inflated. Security researcher Dan Guido told Ars Technica that all of the vulnerabilities are actionable: “Each of them works as described”. He added: “The package that was shared with me had well-documented, well-described write-ups for each individual bug. They’re not fake. All these things are real. I’m trying to be a measured voice. I’m not hyping them. I’m not dismissing them.”

As they are second-stage vulnerabilities (an attacker must gain access to administrative privileges first), attackers who exploit them could install malicious files without being detected by security software.

While there are doubts being cast as to the marketing around CTS’ findings and the motivation for its release, the core research seems relatively sound.

Close-up of AMD Ryzen 5 1600 CPU on motherboard. Image: Akura Yochi/Shutterstock

The post Researchers allegedly reveal serious vulnerabilities in AMD processors appeared first on Silicon Republic.
