Jump to content
  • Beware: Apple M1 and many AMD Ryzen chips found vulnerable to side-channel SQUIP attacks

    Karlston

    • 383 views
    • 2 minutes
     Share


    • 383 views
    • 2 minutes

    A new CPU vulnerability dubbed “SQUIP”, which is the short for Scheduler Queue Usage via Interference Probing, has been discovered by security researches. Apple M1 processors and AMD Zen-based Ryzen chips, among others, have been found vulnerable to this new security flaw.

     

    The vulnerability is related to the multi-scheduler queues in CPUs. Intel, unlike Apple and AMD, uses a single scheduler in its architecture, which means it is not affected by SQUIP. The latter however use multiple schedulers.

     

    On the AMD side, SKUs with simultaneous multi-threading (SMT) technology are affected, which is nearly every AMD processor SKU out there except for a few models (We have listed them towards the end). The issue is tracked under the ID “CVE-2021-46778”.

     

    Here is a summary and mitigation measures provided by AMD:

     

    Summary

     

    Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.

     

    Mitigation

     

    AMD recommends software developers employ existing best practices, including constant-time algorithms and avoiding secret-dependent control flows where appropriate to help mitigate this potential vulnerability.

     

    The AMD Ryzen SKUs that are not affected by the SQUIP vulnerability are given below, starting from first-gen Zen 1 to Zen 3:

     

    • Ryzen 1000 (Zen 1)
      • Ryzen 3 1200
      • Ryzen 3 1300X
    • Ryzen 2000 (Zen 1+)
      • Ryzen 3 2300X
    • Ryzen 3000 (Zen 2)
      • Ryzen 5 3500
      • Ryzen 5 3500X
    • Athlon 3000/4000 (Zen 2)
      • Athlon Gold 3150G/GE
      • Athlon Gold 4150G/GE

     

    Aside from the CPUs listed above, all other Ryzen, Athlon, Threadripper and EPYC processors are affected by SQUIP since they come with SMT.

     

    Meanwhile, for Apple, it is said that the M1 is vulnerable to SQUIP. Interestingly, no mention of M2 has been made, which could mean that the flaw has been resolved in the case of the latter.

     

    Source: AMD via The Register (PDF)

     

     

    Beware: Apple M1 and many AMD Ryzen chips found vulnerable to side-channel SQUIP attacks


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...