Apparently, it affects AMD processors dating back to 2011, from the veryold Athlon 64 X2 all the way to the Ryzen 7 and even the newest Threadripper.
Taken from Tom’s Hardware …
“We are aware of a new whitepaper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.”
It’s noteworthy that this advisory does not point to any mitigations for the attack in question, merely citing other mitigated speculative executions that were used as a vehicle to attack the L1D cache predictor. The researchers also used other methods to exploit the vulnerability, so the advisory is a bit nebulous. AMD’s posting also lists general advice for protecting against the incredibly large family of side channel attacks, but we can’t find any specific mention of firmware patches for the Take A Way vulnerabilities. We’re reached out to AMD for more clarity, including if there are any publicly available firmwares that specifically mitigate the newly-disclosed vulnerabilities.
Update #2 3/8/2020 3:00pm PT: The researchers contend that this vulnerability is still active.
Source: Tom’s Hardware
