Vulnerability Management, Threat Management

Novel attack may compromise AMD processors

SecurityWeek reports that AMD processors could be exploited to expose sensitive data using the new Scheduler Queue Usage via Interference Probing, or SQUIP, attack, which was discovered by researchers from the Georgia Institute of Technology, the Graz University of Technology, and the Lamarr Security Research non-profit researcher center. Such an attack involves the measurement of scheduler contention by attackers sharing the victim's hardware core while having a different simultaneous multithreading thread, the study showed. "An attacker running on the same host and CPU core as you could spy on which types of instructions you are executing due to the split-scheduler design on AMD CPUs," said researcher Daniel Gruss. Researchers noted that such an attack may be prevented with a single scheduler design, symmetric schedulers, and isolated hardware threads. Meanwhile, AMD has confirmed that chipsets using the Zen 1, Zen 2, and Zen 3 microarchitectures, including Athlon, EPYC, and Ryzen processors, are affected by the attack.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.