News AMD 'Inception' Vulnerability Affects Zen 3 and 4

[Admin]

A wide-ranging AMD CPU vulnerability called Inception has been detailed, but AMD says only the newest Zen 3 and 4 architectures are affected and products will receive patches soon.

AMD 'Inception' Vulnerability Affects Zen 3 and 4 : Read more

 

[bit_user]

Microcode updates for Linux have already been merged. The performance impact of the mitigation is said to be minor. I'll be interested in seeing some benchmarks.

I've seen this described as just a special case of the SRSO (Speculative Return Stack Overflow) exploits we already knew about.

 

[wbfox]

At least AMD got the microcode updates out for everyone already. They did the updgrade shaft dance to the Zen 2 owners with their, "maybe next year," Zenbleed fix.

 

[Integr8d]

The timing of this article and the Intel article are... hmmm.

To say the least, it feels coordinated. Anyone's guess as to why.

 

[BernardTitus]

The timing of this article and the Intel article are... hmmm.

To say the least, it feels coordinated. Anyone's guess as to why.

Black Hat and Def Con are happening now.

 

[Alvar "Miles" Udell]

To be clear, AMD says that users of products based on the Zen or Zen 2 CPU architectures don't need any patching "because these architectures are already designed to flush branch type predictions from the branch predictor." This is a little different from what the researchers from ETH Zurich say in their Inception paper (PDF), so we hope things will become clearer soon.

So AMD took a step backwards in security to take a step forward in performance it sounds like.