AMD has confirmed a flaw in its signature verification for microcode updates on Zen 1 to Zen 5 CPUs. This security flaw has been dubbed "EntrySign" and enables attackers to gain kernel-level access.

Last month, AMD confirmed the flaw impacts the first four generations of its Zen CPUs, which include everything from desktop processors to the company's server-based EPYC chips. Now, AMD has confirmed its latest Zen 5 generation is also affected by this security flaw. The crux of the problem can be traced back to AMD's signature verification for microcode updates, which are critical updates AMD rolls out to fix any bugs, improve the stability of the chip, optimize performance, or provide security fixes to vulnerabilities.
Normally, an operating system or firmware loads microcode that AMD has signed off on as secure and safe by running it through its verification process. EntrySign is a vulnerability that enables attackers with ring 0 (kernel-level) access to bypass those safeguards. Reassuringly, AMD has already rolled out a fix for the vulnerability to motherboard vendors via the ComboAM5PI 1.2.0.3c AGESA update.
Researchers from Google have provided AMD with a report titled "AMD Microcode Signature Verification Vulnerability." This vulnerability may allow an attacker with system administrative privilege to load malicious CPU microcode patches. In the report, the researchers describe how they were able to load patches that were not signed by AMD. The researchers also demonstrate how they falsified signatures for arbitrary microcode patches. AMD has not received any reports of this attack occurring in any system.
AMD believes this issue is caused by a weakness in the signature verification algorithm that could allow an administrator-privileged attacker to load arbitrary microcode patches. AMD plans to issue mitigations to fix this issue. Please see below for additional details.
The other good news for general consumers is that a system restart flushes any malicious code loaded onto a system through this method. Additionally, an attack through this method already requires high-level system privileges, meaning the risk for general consumers here is relatively low. However, it's still advised to carry out the update as soon as possible.