Skip to main content

AMD’s defenses against Spectre V2 may be inadequate

Just a few days ago, Intel and ARM chips were once again found to be affected by the Spectre V2 vulnerability, also known as branch history injection (BHI). AMD processors were thought to be safe at the time.

Unfortunately, further research shows that AMD is not immune to Spectre V2, and its previous measures may be inadequate, bringing performance drops of up to 54%.

The AMD Ryzen 5000 APU against a red background.
Image used with permission by copyright holder

Spectre and Meltdown flaws were first found in December 2017, and during the initial attack, Intel, Arm, and AMD chips were all affected. When Spectre reemerged just last week, AMD seemed to get away unscathed due to the different architecture of its chips, but Intel and Arm chips were hit hard.

On Intel CPUs, Spectre is a proof-of-concept exploit that introduces malicious code into the computer’s kernel, opening the door to a wide range of vulnerabilities, such as the extraction of personal data and passwords. Spectre V2 is said to affect Intel processors released within the last few years, including the latest Intel Alder Lake CPUs.

This time around, AMD initially seemed to be doing fine in the face of BHI, but according to Intel researchers, AMD’s chipset may still have code exposures. AMD, just like the other two chip giants, had introduced certain security measures when Spectre was first discovered in 2017. Experts from Team Red assured that these measures are still in place and are helping its chips avoid the attack. This may not be quite as true as AMD would like it to be.

As detailed by the VUSec group at Vrije Universiteit Amsterdam, AMD used the Retpoline strategy to mitigate Spectre V2. According to the research team, the generic Retpoline code is inadequate and insufficient to combat Spectre V2. AMD disagrees with this, stating that its own hardware does a better job of utilizing the Retpoline strategy.

Phoronix benchmarks of AMD CPUs.
Image source: Phoronix Image used with permission by copyright holder

Phoronix has also analyzed the performance of AMD CPUs with the Retpoline mitigations enabled and found performance drops of up to 54% in some tests. This implies that AMD’s solution, while seemingly effective in mitigating the attacks this time around, may have an adverse impact on Zen-based processors.

AMD was made aware of the findings of these research teams and issued an official recommendation, talking about the affected products and their mitigation measures. Using Linux, users can choose which mitigation against Spectre V2 is being used at boot time. AMD continues to encourage users to utilize the generic Retpoline.

The Intel research team that wrote a paper about this seemingly disagrees with the approach, stating: “The effectiveness of this mitigation can be compromised by the inherent race condition between the speculative execution of the predicted target and the architectural resolution of the intended target, since this can create a window in which code can still be transiently executed.”

Wccftech compiled the various sources and initially shared the news. One could assume that Intel would be pleased to find issues with AMD’s chips, but with vulnerabilities as large as Spectre V2, chipmakers tend to work together in order to minimize risks. However, AMD seems confident in its fixes.

Editors' Recommendations

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
Vulnerability steals data from Intel and AMD CPUs — and you’re probably affected
A technician placing a CPU into a motherboard socket for a PC.

Researchers just outlined a new vulnerability that affects processor chips -- and it's called Hertzbleed. If used to conduct a cybersecurity attack, this vulnerability can help the attacker steal secret cryptographic keys.

The scale of the vulnerability is somewhat staggering: According to the researchers, most Intel and AMD CPUs might be impacted. Should we be worried about Hertzbleed?

Read more
AMD RDNA 2 refresh may compete with Nvidia RTX 3090 Ti
Promotional image of an AMD Radeon RX 6000-series graphics card.

The first synthetic benchmarks of the upcoming AMD RDNA 2 graphics cards have just leaked, and some of the tests look very promising for AMD.

According to these benchmarks, the AMD Radeon RX 6950 XT may be able to compete against the Nvidia GeForce RTX 3090 Ti.

Read more
AMD Ryzen 7 5800X3D shines in gaming benchmarks, beats Intel
AMD Ryzen 7 5800X3D box.

AMD Ryzen 7 5800X3D continues being tested in gaming ahead of the embargo lift, and the results are very encouraging -- the CPU manages to keep up with the Intel Core i9-12900KF.

The processors were matched up in a variety of titles. In one of the tests, the 3D V-Cache AMD CPU actually beat Intel by nearly 30%.

Read more