Skip to main content

AMD’s defenses against Spectre V2 may be inadequate

Just a few days ago, Intel and ARM chips were once again found to be affected by the Spectre V2 vulnerability, also known as branch history injection (BHI). AMD processors were thought to be safe at the time.

Unfortunately, further research shows that AMD is not immune to Spectre V2, and its previous measures may be inadequate, bringing performance drops of up to 54%.

Related Videos
The AMD Ryzen 5000 APU against a red background.

Spectre and Meltdown flaws were first found in December 2017, and during the initial attack, Intel, Arm, and AMD chips were all affected. When Spectre reemerged just last week, AMD seemed to get away unscathed due to the different architecture of its chips, but Intel and Arm chips were hit hard.

On Intel CPUs, Spectre is a proof-of-concept exploit that introduces malicious code into the computer’s kernel, opening the door to a wide range of vulnerabilities, such as the extraction of personal data and passwords. Spectre V2 is said to affect Intel processors released within the last few years, including the latest Intel Alder Lake CPUs.

This time around, AMD initially seemed to be doing fine in the face of BHI, but according to Intel researchers, AMD’s chipset may still have code exposures. AMD, just like the other two chip giants, had introduced certain security measures when Spectre was first discovered in 2017. Experts from Team Red assured that these measures are still in place and are helping its chips avoid the attack. This may not be quite as true as AMD would like it to be.

As detailed by the VUSec group at Vrije Universiteit Amsterdam, AMD used the Retpoline strategy to mitigate Spectre V2. According to the research team, the generic Retpoline code is inadequate and insufficient to combat Spectre V2. AMD disagrees with this, stating that its own hardware does a better job of utilizing the Retpoline strategy.

Phoronix benchmarks of AMD CPUs.
Image source: Phoronix

Phoronix has also analyzed the performance of AMD CPUs with the Retpoline mitigations enabled and found performance drops of up to 54% in some tests. This implies that AMD’s solution, while seemingly effective in mitigating the attacks this time around, may have an adverse impact on Zen-based processors.

AMD was made aware of the findings of these research teams and issued an official recommendation, talking about the affected products and their mitigation measures. Using Linux, users can choose which mitigation against Spectre V2 is being used at boot time. AMD continues to encourage users to utilize the generic Retpoline.

The Intel research team that wrote a paper about this seemingly disagrees with the approach, stating: “The effectiveness of this mitigation can be compromised by the inherent race condition between the speculative execution of the predicted target and the architectural resolution of the intended target, since this can create a window in which code can still be transiently executed.”

Wccftech compiled the various sources and initially shared the news. One could assume that Intel would be pleased to find issues with AMD’s chips, but with vulnerabilities as large as Spectre V2, chipmakers tend to work together in order to minimize risks. However, AMD seems confident in its fixes.

Editors' Recommendations

AMD Ryzen 7 5800X3D shines in gaming benchmarks, beats Intel
AMD Ryzen 7 5800X3D box.

AMD Ryzen 7 5800X3D continues being tested in gaming ahead of the embargo lift, and the results are very encouraging -- the CPU manages to keep up with the Intel Core i9-12900KF.

The processors were matched up in a variety of titles. In one of the tests, the 3D V-Cache AMD CPU actually beat Intel by nearly 30%.

Read more
The new AMD socket may support up to 12TB of memory
AMD SP5 socket pictured.

The upcoming SP5 socket for the AMD EPYC Genoa processors has just been leaked, showing the board in its full glory, complete with 12-channel DDR5 support and 128 PCIe Gen 5.0 lanes.

This means that the motherboard will support a whopping 12TB of system memory alongside a tremendously powerful data center processor.

Read more
AMD Ryzen 7 5800X3D scores are in, but don’t trust them yet
A digital depiction of an AMD Ryzen 5000G chip.

The upcoming AMD Ryzen 7 5800X3D was just benchmarked ahead of its release, but it might be too early to fully trust these scores.

Although the CPU failed to impress in these synthetic benchmarks, the real test is still yet to come: We need to see the Ryzen 7 5800X3D perform in a gaming setting.

Read more