1. 2

  2. 1

    Here’s the abstract.

    Recent years have brought microarchitectural security into the spotlight, proving that modern CPUs are vulnerable to several classes of microarchitectural attacks. These attacks bypass the basic isolation primitives provided by the CPUs: process isolation, memory permissions, access checks, and so on. Nevertheless, most of the research was focused on Intel CPUs, with only a few exceptions. As a result, few vulnerabilities have been found in other CPUs, leading to speculations about their immunity to certain types of microarchitectural attacks. In this paper, we provide a black-box analysis of one of these underexplored areas. Namely, we investigate the flaw of AMD CPUs which may lead to a transient execution hijacking attack. Contrary to nominal immunity, we discover that AMD Zen family CPUs exhibit transient execution patterns similar to Meltdown/MDS. Our analysis of exploitation possibilities shows that AMD's design decisions indeed limit the exploitability scope compared to Intel CPUs, yet it may be possible to use them to amplify other microarchitectural attacks.