The new AMD vulnerability discovered by @taviso and his team makes all AMD zen2 processors vulnerable. Also known has Zenbleed.
I compiled the demo code and there we go, I can see lot of information getting leaked from the memory. Not great, it’s the AMD variant of the meltdown/spectre bug basically. It uses however an “optimization” operator (cvtsi2sd) to trigger the vulnerability in the CPU allowing to read 30kb/core/second of data. No special permissions required. Works on all platforms, all operating systems, VM or docker, it doesn’t matter…
This vulnerability was found using fuzzing, which is an automated way of injecting wrong input values and see when or if something breaks or not.
Currently only EPYC processors have received a fix. All other AMD Zen 2 processors are still fully vulnerable. There are also no BIOS firmware updates yet. I doubt wherever this premature public release from AMD was intentional or not…
More info: https://lock.cmpxchg8b.com/zenbleed.html
What I’m saying is that if you are enabling unvetted users to run things on your hardware, for free, you probably shouldn’t be doing it on consumer hardware in the first place.
If the users are paying, doubly so.
If the users are vetted but free, then this is a “your friends are hacking you” problem.
There is nothing wrong with using consumer hardware to host servers. I’m doing it right this moment with great success. What I’m saying is that if you have public gitlab runners, then you’re just hosting a Monero mining rig for randoms in the first place.
Well. That depends on the security. Only docker containers are allowed. Docker containers are remapped to non root users. No extra privileged are possible either.
We only now have Zenbleed to deal with. And amd didn’t release anything yet for consumer cpus.
The latest microcode-amd packages from your favorite distro should enable the chicken bit for the vulnerable instructions. Of course, it will slow down speculative execution for certain workloads, but it should stop the bug from being exploitable.
Again, running public compute services on consumer hardware is not a use-case that makes that much sense, but appently you’re dead set.
I have this installed
3.20191218.1ubuntu2.1on my Ubuntu 22.04 server. It stills allows me to execute zenbleed exploit on AMD Ryzen 7 3700X CPU.Changelog: http://changelogs.ubuntu.com/changelogs/pool/main/a/amd64-microcode/amd64-microcode_3.20191218.1ubuntu2.1/changelog. It’s not working…?