AMD Ryzen CPUs vulnerable to inception attack

Share post:

Researchers from ETH Zurich have discovered a new security vulnerability in AMD Ryzen CPUs that could allow attackers to leak kernel memory and access sensitive files. The vulnerability, called “Inception,” is a speculative execution-based side-channel attack that is similar to the Spectre and Meltdown vulnerabilities that affected Intel CPUs in 2018.

Inception affects all AMD Ryzen CPUs with Zen cores, including desktop, laptop, and server processors. This would enable malevolent actors to extract the ‘/etc/shadow’ file from a Linux machine within 40 minutes. This leaked file is reported to contain encrypted user account passwords, exclusively accessible to the root user.

Researchers substantiated their findings through a proof-of-concept demonstration, showcasing the leakage of kernel memory at a up to 39 bytes per second on Zen 4 processors. The threat actors also harnessed a previously identified vulnerability, termed ‘Phantom speculation,’ to devise a new category of transient execution attacks called ‘Training in Transient Execution (TTE).’ This new approach became the foundation for ‘Inception.’ Designated as CVE-2023-20569.

AMD has acknowledged the Inception vulnerability and is working on a fix. In the meantime, users of AMD Ryzen CPUs should update their operating systems and BIOS to the latest available versions.

The sources for this piece include an article in TechSpot.


Related articles

Security research team claims to have helped avert a major supply chain attack

JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious...

Phishing attacks on state and local governments surge by 360%

Phishing attacks targeting state and local governments have surged by 360% between May 2023 and May 2024, according...

What is Ticketmaster saying to its customers?

Here's the letter that has been sent out out to Ticketmaster clients that a reader sent to me....

Cyber Security Today, July 8, 2024 – New ransomware group discovered, and summer podcast break starts

A new ransomware group is discovered. Welcome to Cyber Security Today. It's Monday July 8th, 2024. I'm Howard Solomon,...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways