Announcement

Collapse
No announcement yet.

AMD "INCEPTION" CPU Vulnerability Disclosed

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    AMD "INCEPTION" CPU Vulnerability Disclosed

    Phoronix: AMD "INCEPTION" CPU Vulnerability Disclosed

    AMD has kicked off a busy Patch Tuesday by disclosing INCEPTION, a new speculative side channel attack affecting Zen 3 and Zen 4 processors...

    AMD "INCEPTION" CPU Vulnerability Disclosed - Phoronix
    https://www.phoronix.com/news/AMD-INCEPTION
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    Proof of Concept Video
    https://youtu.be/2wCjU8iJ9G4

    Obviously more info will be given at USENIX in the coming days.

    Comment

    • #3
      Did AMD "batch" their vulnerability announcement with Intel?

      Seems like a huge coincidence.
      • Likes 3

      Comment

      • #4
        Originally posted by brucethemoose View Post
        Did AMD "batch" their vulnerability announcement with Intel?

        Seems like a huge coincidence.
        It's Patch Tuesday
        Michael Larabel
        https://www.michaellarabel.com/
        • Likes 13

        Comment

        • #5
          Originally posted by brucethemoose View Post
          Did AMD "batch" their vulnerability announcement with Intel?

          Seems like a huge coincidence.
          Both vulnerabilities are set to be presented at the Black Hat cybersecurity conference this week.
          • Likes 1

          Comment

          • #6
            AMD says to update the ucode, but their page only lists fixed ucode versions for their EPYC processors. Will that version patch the vulnerability on (say) my Rembrandt laptop, or is this another Zenbleed situation where they don't have a fix for client chips at disclosure-time?
            • Likes 1

            Comment

            • #7
              Originally posted by saladin View Post
              AMD says to update the ucode, but their page only lists fixed ucode versions for their EPYC processors. Will that version patch the vulnerability on (say) my Rembrandt laptop, or is this another Zenbleed situation where they don't have a fix for client chips at disclosure-time?
              No, for some reason AMD makes it so the microcode included with AGESA on consumer hardware has a higher level.
              Code:
              [    1.275333] microcode: CPU0: patch_level=0x0a201025
              This ends up always being higher than what is provided in the microcode blob.
              Code:
               Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079 Length=5568 bytes
              I believe the microcode included in linux-firmware is only for EPYC and server hardware, since the estimates AMD has on the webpage for including into EPYC/Threadripper AGESA is December 2023.

              Your only solution is to wait for the mitigation to reach your distribution's kernel, compile your own kernel with the fix, or wait until your board vendor releases a firmware update with the new AGESA. Supposedly AMD is going to this month (or already is) seed the AGESA out to vendors, which means you may have an additional delay until they package it into a new firmware and release it.
              • Likes 4

              Comment

              • #8
                What about benchmarks such as with Intel's Downfall too?
                • Likes 1

                Comment

                Previous template Next
                Working...
                X