Execution Unit Scheduler Contention Side-Channel Vulnerability on AMD Processors

Staff

Bulletin ID: AMD-SB-1039
Potential Impact: Information Disclosure
Severity: Medium

Summary
CVE-2021-46778
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information.

Affected Products 
Desktop

AMD Ryzen™ 2000 series Desktop processors

AMD Ryzen™ 3000 Series Desktop processors

AMD Ryzen™ 5000 Series Desktop processors

AMD Ryzen™ 4000 Series Desktop processors with Radeon™ graphics

AMD Ryzen™ 5000 Series Desktop processors with Radeon™ graphics

High-End Desktop (HEDT)

2nd Gen AMD Ryzen™ Threadripper™ processors

3rd Gen AMD Ryzen™ Threadripper™ processors

Workstation

AMD Ryzen™ Threadripper™ PRO processors

Mobile

AMD Athlon™ 3000 Series Mobile processors with Radeon™ graphics

AMD Ryzen™ 2000 Series Mobile processors

AMD Ryzen™ 3000 Series Mobile processors, 2nd Gen AMD Ryzen™ Mobile processors with Radeon™ graphics

AMD Ryzen™ 3000 Series Mobile processors with Radeon™ graphics

AMD Ryzen™ 4000 Series Mobile processors with Radeon™ graphics

AMD Ryzen™ 5000 Series Mobile processors with Radeon™ graphics

Chromebook

AMD Athlon™ 3000 Series Mobile processors with Radeon™ graphics

AMD Athlon™ Mobile processors with Radeon™ graphics

AMD Ryzen™ 3000 Series Mobile processors with Radeon™ graphics

Server

1st Gen AMD EPYC™ processors

2nd Gen AMD EPYC™ processors

3rd Gen AMD EPYC™ processors 

Mitigation
AMD recommends software developers employ existing best practices1,2, including constant-time algorithms and avoiding secret-dependent control flows where appropriate to help mitigate this potential vulnerability.

Acknowledgement
AMD thanks the following for reporting these issues and engaging in coordinated vulnerability disclosure:
CVE-2021-46778:

Stefan Gast, Daniel Gruss, Jonas Jiffinger and Martin Schwarzl of Lamarr Security Researcher/Graz University of Technology

Simone Franza, Andreas Kogler and Markus Kostl of Graz University of Technology

Gururaj Saileshwar of Georgia Institute of Technology

References

BearSSL - Constant-Time Crypto

A beginner's guide to constant-time cryptography

Revisions

Revision Date Description
08-09-2022 Initial publication

Source:

https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1039

Click to expand...

clam1952

Well-known member

Power User

VIP

Aug 10, 2022

#2

Oh there's a surprise, the same bunch who dug up the Intel Exploit, obviously working overtime to make a name for themselves.

My Computers

System One System Two

OS

Windows 11 22H2 OS Build 22623.1095

Computer type

PC/Desktop

Manufacturer/Model

Self Build

CPU

AMD Ryzen 7 3800X

Motherboard

Asus PRIME B350-PLUS

Memory

16GB Corsair Vengeance LPX DDR4 @3000Mhz

Graphics Card(s)

ASUS - GeForce RTX 3070 Ti 8 GB TUF GAMING OC

Sound Card

On Board Realtec

Monitor(s) Displays

Acer KA241

Screen Resolution

1920 x 1080 @60Hz

Hard Drives

240GB PNY CS900 SSD - OS
2 x 1TB Crucial MX500 SSD
1 x 500GB Crucial MX300 SSD
2TB Seagate ST2000DM001-1ER164
2TB Seagate ST2000DM008-2FR102

PSU

750 Watt Corsair TX750 Plus

Case

Cooler Master 690 III

Cooling

Akasa AK98 5 Case Fans

Keyboard

Logitech K270 - wireless

Mouse

Logitech - M185 wireless

Internet Speed

BT Fibre 75 Mbps

Browser

Firefox

Antivirus

Windows Defender

Other Info

Use hardware KVM to switch monitors on three PCs and software (input director) to use mouse and keyboard on all 4 PCs.
Operating System

Windows 11 Pro 22H2 build 22621.900

Computer type

PC/Desktop

Manufacturer/Model

Dell Inspiron 3881 - modified with SFX PSU fitted internally

CPU

Intel i5 - 10400

Motherboard

Dell 032w55 version A00

Memory

16GB of HyperX Fury @ 2133 Mhz

Graphics card(s)

EVGA 6GB GTX 1060.

Sound Card

Builtin

Monitor(s) Displays

ACER KA241

Screen Resolution

1920x 1080 @60Hz

Hard Drives

256GB SK hynix NVMe
1TB Western Digital WD10EZEX-75WN4A1

PSU

Modular 450 Watt Corsair SF450 Platinum ( Mod to replace the Dell 265 Watt PSU)

Case

Inspiron Small Desktop

Cooling

Dell stock cooler

Mouse

Dell

Keyboard

Dell

Internet Speed

BT Fibre 75 Mbps

Browser

Firefox

Antivirus

Windows Defender

Other Info

Use hardware KVM to switch monitors on three PCs and software (input director) to use mouse and keyboard on all 4 PCs.

You must log in or register to reply here.

Similar threads

Article

CES 2024: New AMD Ryzen 5000, 8000G, 8040 Series Mobile and Desktop Processors

Replies: 0

Views: 654

Jan 8, 2024

Brink

Article

New AMD Ryzen 8040 Series Mobile Processors

Replies: 1

Views: 662

Tuesday at 12:16 PM

Brink

Article

AMD Zen 2 CPUs vulnerable to ZenBleed data leak bug

Replies: 18

Views: 1K

Aug 30, 2023

maffle

M

Article

CES 2024: New AMD Radeon RX 7600 XT Graphics Card

Replies: 0

Views: 547

Jan 8, 2024

Brink

Article

AMD Introduces Fastest AMD Radeon RX 7900M Laptop Graphics Ever

Replies: 0

Views: 463

Oct 19, 2023

Brink

Completely Disable and Remove Copilot in Windows 11

This tutorial will show you how to completely disable the Windows Copilot feature and remove Copilot from the taskbar, Windows Search, and Microsoft Edge...
Brink

Mar 7, 2024
Enable or Disable Sudo Command in Windows 11

This tutorial will show you how to enable or disable the Sudo command for all users in Windows 11. Starting with Windows 11 build 26052 (Canary and Dev)...
Brink

Feb 8, 2024
Enable or Disable Feeds on Widgets Board in Windows 11

This tutorial will show you how to enable or disable news feeds on the widgets board for your account in Windows 11. Widgets are small windows that display...
Brink

Dec 4, 2023
Use ViVeTool to Enable or Disable Hidden Features in Windows 11

This tutorial will show you how to use ViVeTool to enable or disable hidden features in Windows 10 and Windows 11. ViVeTool is an open source tool that can...
Brink

Dec 1, 2023
Always or Never Combine Taskbar buttons and Hide Labels in Windows 11

This tutorial will show you how to always, when the taskbar is full, or never combine taskbar buttons and hide labels for your account, specific users, or...
Brink

May 24, 2023
Disable Modern Standby in Windows 10 and Windows 11

This tutorial will show you how to disable Modern Standby (S0 Low Power Idle) to enable S3 support on a Windows 10 and Windows 11 device. In Windows 10 and...
Brink

Jan 11, 2022
Disable "Show more options" context menu in Windows 11

This tutorial will show you how to enable or disable having to click on "Show more options" to see the full context menu for your account or all users in...
Brink

Oct 4, 2021
Download Official Windows 11 ISO file from Microsoft

This tutorial will show you how to download an official Windows 11 ISO file from Microsoft. Microsoft provides ISO files for Windows 11 to download. You...
Brink

Aug 19, 2021
Restore Classic File Explorer with Ribbon in Windows 11

This tutorial will show you how to restore the classic File Explorer with Ribbon for your account or all users in Windows 11. File Explorer in Windows 10...
Brink

Jul 19, 2021
Repair Install Windows 11 with an In-place Upgrade

This tutorial will show you how to do a repair install of Windows 11 by performing an in-place upgrade without losing anything. If you need to repair or...
Brink

Jul 5, 2021
Enable or Disable Windows Sandbox in Windows 11

This tutorial will show you how to enable or disable the Windows Sandbox feature for all users in Windows 11 Pro, Enterprise, or Education. Windows Sandbox...
Brink

Jun 30, 2021
Clean Install Windows 11

This tutorial will show you step by step on how to clean install Windows 11 at boot on your PC with or without an Internet connection and setup with a local...
Brink

Jun 22, 2021