Related Research Articles
Athlon is the brand name applied to a series of x86-compatible microprocessors designed and manufactured by AMD. The original Athlon was the first seventh-generation x86 processor and the first desktop processor to reach speeds of one gigahertz (GHz). It made its debut as AMD's high-end processor brand on June 23, 1999. Over the years AMD has used the Athlon name with the 64-bit Athlon 64 architecture, the Athlon II, and Accelerated Processing Unit (APU) chips targeting the Socket AM1 desktop SoC architecture, and Socket AM4 Zen (microarchitecture). The modern Zen-based Athlon with a Radeon Graphics processor was introduced in 2019 as AMD's highest-performance entry-level processor.
Vulnerabilities are flaws in a computer system that weaken the overall security of the system.
The Intel Management Engine (ME), also known as the Intel Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008. It is located in the Platform Controller Hub of modern Intel motherboards.
Zen is a family of computer processor microarchitectures from AMD, first launched in February 2017 with the first generation of its Ryzen CPUs. It is used in Ryzen, Ryzen Threadripper, and Epyc (server).
Zen is the first iteration in the Zen family of computer processor microarchitectures from AMD. It was first used with their Ryzen series of CPUs in February 2017. The first Zen-based preview system was demonstrated at E3 2016, and first substantially detailed at an event hosted a block away from the Intel Developer Forum 2016. The first Zen-based CPUs, codenamed "Summit Ridge", reached the market in early March 2017, Zen-derived Epyc server processors launched in June 2017 and Zen-based APUs arrived in November 2017.
Socket AM4 is a PGA microprocessor socket used by AMD's central processing units (CPUs) built on the Zen and Excavator microarchitectures.
Zen 2 is a computer processor microarchitecture by AMD. It is the successor of AMD's Zen and Zen+ microarchitectures, and is fabricated on the 7 nm MOSFET node from TSMC. The microarchitecture powers the third generation of Ryzen processors, known as Ryzen 3000 for the mainstream desktop chips, Ryzen 4000U/H and Ryzen 5000U for mobile applications, as Threadripper 3000 for high-end desktop systems, and as Ryzen 4000G for accelerated processing units (APUs). The Ryzen 3000 series CPUs were released on 7 July 2019, while the Zen 2-based Epyc server CPUs were released on 7 August 2019. An additional chip, the Ryzen 9 3950X, was released in November 2019.
Ryzen is a brand of multi-core x86-64 microprocessors designed and marketed by Advanced Micro Devices (AMD) for desktop, mobile, server, and embedded platforms based on the Zen microarchitecture. It consists of central processing units (CPUs) marketed for mainstream, enthusiast, server, and workstation segments and accelerated processing units (APUs) marketed for mainstream and entry-level segments and embedded systems applications.
Zen+ is the name for a computer processor microarchitecture by AMD. It is the successor to the first gen Zen microarchitecture, and was first released in April 2018, powering the second generation of Ryzen processors, known as Ryzen 2000 for mainstream desktop systems, Threadripper 2000 for high-end desktop setups and Ryzen 3000G for accelerated processing units (APUs).
Meltdown is one of the two original transient execution CPU vulnerabilities. Meltdown affects Intel x86 microprocessors, IBM Power microprocessors, and some ARM-based microprocessors. It allows a rogue process to read all memory, even when it is not authorized to do so.
Spectre is one of the two original transient execution CPU vulnerabilities, which involve microarchitectural side-channel attacks. These affect modern microprocessors that perform branch prediction and other forms of speculation. On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers. For example, if the pattern of memory accesses performed by such speculative execution depends on private data, the resulting state of the data cache constitutes a side channel through which an attacker may be able to extract information about the private data using a timing attack.
The AMD Platform Security Processor (PSP), officially known as AMD Secure Technology, is a trusted execution environment subsystem incorporated since about 2013 into AMD microprocessors. According to an AMD developer's guide, the subsystem is "responsible for creating, monitoring and maintaining the security environment" and "its functions include managing the boot process, initializing various security related mechanisms, and monitoring the system for any suspicious activity or events and implementing an appropriate response". Critics worry it can be used as a backdoor and is a security concern. AMD has denied requests to open source the code that runs on the PSP.
Speculative Store Bypass (SSB) is the name given to a hardware security vulnerability and its exploitation that takes advantage of speculative execution in a similar way to the Meltdown and Spectre security vulnerabilities. It affects the ARM, AMD and Intel families of processors. It was discovered by researchers at Microsoft Security Response Center and Google Project Zero (GPZ). After being leaked on 3 May 2018 as part of a group of eight additional Spectre-class flaws provisionally named Spectre-NG, it was first disclosed to the public as "Variant 4" on 21 May 2018, alongside a related speculative execution vulnerability designated "Variant 3a".
Foreshadow, known as L1 Terminal Fault (L1TF) by Intel, is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but was first disclosed to the public on 14 August 2018. The vulnerability is a speculative execution attack on Intel processors that may result in the disclosure of sensitive information stored in personal computers and third-party clouds. There are two versions: the first version (original/Foreshadow) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG) targets virtual machines (VMs), hypervisors (VMM), operating systems (OS) kernel memory, and System Management Mode (SMM) memory. A listing of affected Intel hardware has been posted.
Transient execution CPU vulnerabilities are vulnerabilities in a computer system in which a speculative execution optimization implemented in a microprocessor is exploited to leak secret data to an unauthorized party. The archetype is Spectre, and transient execution attacks like Spectre belong to the cache-attack category, one of several categories of side-channel attacks. Since January 2018 many different cache-attack vulnerabilities have been identified.
Zen 5 is the name for a CPU microarchitecture by AMD, shown on their roadmap in May 2022, launched for mobile in July 2024 and for desktop in August 2024. It is the successor to Zen 4 and is currently fabricated on TSMC's N4X process. Zen 5 is also planned to be fabricated on the N3E process in the future.
Socket AM5 is a zero insertion force flip-chip land grid array (LGA) CPU socket designed by AMD that is used for AMD Ryzen microprocessors starting with the Zen 4 microarchitecture. AM5 was launched in September 2022 and is the successor to AM4.
LogoFAIL is a security vulnerability and exploit thereof that affects computer motherboard firmware with TianoCore EDK II, including Insyde Software's InsydeH2O modules and similar code in AMI and Phoenix firmware, which are commonly found on both Intel and AMD motherboards, and which enable loading of custom boot logos. The exploit was discovered in December 2023 by researchers at Binarly.
References
- 1 2 Anton Shilov (August 9, 2024). "AMD's 'Sinkclose' vulnerability affects hundreds of millions of processors, enables data theft — AMD begins patching issue in critical chip lines, more to follow". Tom's Hardware.
- 1 2 Andy Edser (August 12, 2024). "Millions of AMD CPUs found vulnerable to 18-year-old 'Sinkclose' deep-system flaw but it's pretty difficult to exploit". PC Gamer.
- ↑ Aaron Klotz (August 19, 2024). "Ryzen 3000 fix for 'Sinkclose' vulnerability arrives tomorrow — AMD reverses course and will patch Ryzen 3000 after all". Tom's Hardware.