“Speculative Store Bypass” Vulnerability Mitigations for AMD Platforms

👤by Michael Pabia  Comments 📅22.05.2018 08:47:46

Press Release

Microsoft and Google Project Zero researchers have identified a new category of speculative execution side-channel vulnerability they called “Speculative Store Bypass” or SSB. It is closely related to the previously disclosed GPZ/Spectre variant 1 (Spectre) vulnerabilities. Microsoft released an advisory on the vulnerability and mitigation plans.

Speculative Store Bypass/SSB (Assigned as CVE-2018-3639) Executive Summary

An attacker who has successfully exploited this vulnerability may be able to read privileged data across trust boundaries. Vulnerable code patterns in the operating system (OS) or in applications could allow an attacker to exploit this vulnerability. In the case of Just-in-Time (JIT) compilers, such as JavaScript JIT employed by modern web browsers, it may be possible for an attacker to supply JavaScript that produces native code that could give rise to an instance of CVE-2018-3639. However, Microsoft Edge, Internet Explorer, and other major browsers have taken steps to increase the difficulty of successfully creating a side channel.

Read the full advisory from Microsoft here.

Affected AMD Systems

AMD recommended mitigations for SSB are being provided by operating system updates back to the Family 15 processors (“Bulldozer” products). Microsoft is completing final testing and validation of AMD-specific updates for Windows client and server operating systems, which are expected to be released through their standard update process. Similarly, Linux distributors are developing operating system updates for SSB. AMD recommends checking with your OS provider for specific guidance on schedules. For technical details, see the AMD whitepaper.

Based on the difficulty to exploit the vulnerability, AMD and its ecosystem partners currently recommend using the default setting that maintains support for memory disambiguation. AMD have not identified any AMD x86 products susceptible to the Variant 3a vulnerability in this analysis to-date. As a reminder against vulnerabilities, AMD highly recommends keeping OS and BIOS up-to-date whenever updates are available and to run an active antivirus software for security and defence.

Learn more about AMD processor security updates at https://www.amd.com/en/corporate/security-updates

Assigned tags: