August 11, 2023
Researchers from ETH Zurich have discovered a new security vulnerability in AMD Ryzen CPUs that could allow attackers to leak kernel memory and access sensitive files. The vulnerability, called “Inception,” is a speculative execution-based side-channel attack that is similar to the Spectre and Meltdown vulnerabilities that affected Intel CPUs in 2018.
Inception affects all AMD Ryzen CPUs with Zen cores, including desktop, laptop, and server processors. This would enable malevolent actors to extract the ‘/etc/shadow’ file from a Linux machine within 40 minutes. This leaked file is reported to contain encrypted user account passwords, exclusively accessible to the root user.
Researchers substantiated their findings through a proof-of-concept demonstration, showcasing the leakage of kernel memory at a up to 39 bytes per second on Zen 4 processors. The threat actors also harnessed a previously identified vulnerability, termed ‘Phantom speculation,’ to devise a new category of transient execution attacks called ‘Training in Transient Execution (TTE).’ This new approach became the foundation for ‘Inception.’ Designated as CVE-2023-20569.
AMD has acknowledged the Inception vulnerability and is working on a fix. In the meantime, users of AMD Ryzen CPUs should update their operating systems and BIOS to the latest available versions.
The sources for this piece include an article in TechSpot.
