
AMD’s defenses against Spectre V2 may be inadequate

Just a few days ago, Intel and ARM chips were once again found to be affected by the Spectre V2 vulnerability, also known as branch history injection (BHI). AMD processors were thought to be safe at the time.

Unfortunately, further research shows that AMD is not immune to Spectre V2, and its previous measures may be inadequate, bringing performance drops of up to 54%.


Spectre and Meltdown flaws were first found in December 2017, and during the initial attack, Intel, Arm, and AMD chips were all affected. When Spectre reemerged just last week, AMD seemed to get away unscathed due to the different architecture of its chips, but Intel and Arm chips were hit hard.

On Intel CPUs, Spectre is a proof-of-concept exploit that introduces malicious code into the computer’s kernel, opening the door to a wide range of vulnerabilities, such as the extraction of personal data and passwords. Spectre V2 is said to affect Intel processors released within the last few years, including the latest Intel Alder Lake CPUs.

This time around, AMD initially seemed to be doing fine in the face of BHI, but according to Intel researchers, AMD’s chipset may still have code exposures. AMD, just like the other two chip giants, had introduced certain security measures when Spectre was first discovered in 2017. Experts from Team Red gave assurances that these measures are still in place and are helping its chips avoid the attack. This may not be quite as true as AMD would like it to be.

As detailed by the VUSec group at Vrije Universiteit Amsterdam, AMD used the Retpoline strategy to mitigate Spectre V2. According to the research team, the generic Retpoline code is inadequate against Spectre V2. AMD disagrees with this, stating that its own hardware does a better job of utilizing the Retpoline strategy.


Phoronix has also analyzed the performance of AMD CPUs with the Retpoline mitigations enabled and found performance drops of up to 54% in some tests. This implies that AMD’s solution, while seemingly effective in mitigating the attacks this time around, may have an adverse impact on Zen-based processors.

AMD was made aware of the findings of these research teams and issued an official recommendation covering the affected products and their mitigation measures. On Linux, users can choose at boot time which Spectre V2 mitigation is used. AMD continues to encourage users to utilize the generic Retpoline.

The Intel research team that wrote a paper about this seemingly disagrees with the approach, stating: “The effectiveness of this mitigation can be compromised by the inherent race condition between the speculative execution of the predicted target and the architectural resolution of the intended target, since this can create a window in which code can still be transiently executed.”
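For readers who want to see which of the two Retpoline variants a Linux machine is actually running, the sketch below is an added example (not code from AMD, Intel, VUSec, or Phoronix). It classifies the status line the kernel exposes in `/sys/devices/system/cpu/vulnerabilities/spectre_v2` and reads the `spectre_v2=` boot parameter; the function names and category labels are hypothetical, and the sample status lines are constructed to resemble kernel output.

```shell
#!/bin/sh
# Added example: classify the Spectre V2 mitigation a Linux kernel reports.
SYSFS=/sys/devices/system/cpu/vulnerabilities/spectre_v2

# classify_spectre_v2 STATUS
# Prints: lfence-retpoline | generic-retpoline | ibrs | vulnerable | other
classify_spectre_v2() {
    mode=${1%%,*}   # first field is the mode; IBPB/STIBP/RSB details follow
    case "$mode" in
        *IBRS*)                             echo ibrs ;;
        # LFENCE-based ("AMD") retpoline; some kernels print "Vulnerable: LFENCE"
        *"AMD retpoline"*|*LFENCE*)         echo lfence-retpoline ;;
        *"generic retpoline"*|*Retpolines*) echo generic-retpoline ;;
        Vulnerable*)                        echo vulnerable ;;
        *)                                  echo other ;;
    esac
}

# requested_mode CMDLINE
# Prints the spectre_v2= value from a kernel command line, or "auto"
# (the kernel default) when the parameter is absent.
requested_mode() {
    req=auto
    for word in $1; do
        case "$word" in spectre_v2=*) req=${word#spectre_v2=} ;; esac
    done
    echo "$req"
}

# Constructed sample status lines, modeled on kernel output.
for s in \
    "Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling" \
    "Mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: disabled, RSB filling" \
    "Vulnerable: LFENCE"
do
    printf '%-18s <- %s\n' "$(classify_spectre_v2 "$s")" "$s"
done

# On a Linux host, also report the live state and what the boot line asked for.
if [ -r "$SYSFS" ] && [ -r /proc/cmdline ]; then
    printf 'this host: %s (requested: %s)\n' \
        "$(classify_spectre_v2 "$(cat "$SYSFS")")" \
        "$(requested_mode "$(cat /proc/cmdline)")"
fi
```

A result of `lfence-retpoline` on an AMD system means the LFENCE-based variant is active rather than the generic Retpoline; booting with `spectre_v2=retpoline,generic` requests the generic one.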

Wccftech compiled the various sources and initially shared the news. One could assume that Intel would be pleased to find issues with AMD’s chips, but with vulnerabilities as large as Spectre V2, chipmakers tend to work together in order to minimize risks. However, AMD seems confident in its fixes.
