AMD warns of vulnerabilities related to Transient Scheduler Attacks (TSA) affecting its chipsets. These vulnerabilities could lead to information disclosure through speculative side channels in its CPUs. Detected by researchers from Microsoft and ETH Zurich, tests revealed potential data leakage based on execution timing under certain conditions. The vulnerabilities have been assigned CVE identifiers, indicating varying degrees of risk. Specifically, attackers could exploit these vulnerabilities to infer sensitive information across privileged boundaries, which poses significant security concerns for users of AMD processors.
Transient Scheduler Attacks (TSA) manifest as a speculative side channel in AMD CPUs, leveraging execution timing to potentially infer sensitive data from various contexts, resulting in leakage.
The vulnerabilities were uncovered during a study by Microsoft and ETH Zurich about stress testing modern CPUs against speculative execution attacks like Meltdown.
CVE-2024-36350 and CVE-2024-36357 highlight transient execution vulnerabilities that may allow attackers to infer sensitive information across different privilege levels.
AMD has acknowledged these vulnerabilities as a new class of speculative channels that could expose privileged information, urging users to stay aware of the risks.
Collection
[
|
...
]