
Almost all AMD Ryzen chips are vulnerable to side-channel SQUIP attacks, Intel and Apple M1 / M2 chips are not affected


Aug. 12 – Security researchers have uncovered a new CPU vulnerability called “SQUIP”, which stands for Scheduler Queue Usage via Interference Probing. AMD Ryzen chips based on the Zen architecture, among others, are affected.

The vulnerability is related to the multiple scheduler queues in the CPU. Unlike AMD, Intel uses a single scheduler in its architecture, which means it is not affected by SQUIP.

On the AMD side, SKUs with Simultaneous Multithreading (SMT) technology are affected, which includes almost all AMD processor SKUs except for a few models (listed below). The issue is tracked under the ID “CVE-2021-46778”.

The following summary and mitigation guidance are provided by AMD.

Overview

Execution unit scheduler contention may lead to a side-channel vulnerability on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2”, and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level of the scheduler queue, an attacker may be able to compromise sensitive information.

Mitigation

AMD recommends that software developers adopt existing best practices, including constant-time algorithms and, where appropriate, avoiding secret-dependent control flow, to help mitigate this potential vulnerability.
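An added example, not taken from AMD's bulletin or the original article: a toy modular exponentiation in C where the multiply is skipped on zero bits of a secret exponent, next to a version that runs the same instruction sequence for every bit. The function names and the 32-bit operand size are assumptions for illustration, and the `%` operator stands in for the fixed-time reduction a real library would use.

```c
#include <stdint.h>
#include <stdio.h>

/* (a * b) mod m. Operands stay below m < 2^32, so the product fits in 64 bits.
   '%' is used for brevity; its latency can vary by operand on some CPUs. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    return (a * b) % m;
}

/* BEFORE: the multiply is issued only for 1-bits of the secret exponent, so
   the work sent to the execution-unit schedulers follows the secret. */
uint64_t modexp_branchy(uint64_t base, uint32_t secret_exp, uint64_t m) {
    uint64_t r = 1 % m;
    base %= m;
    for (int i = 31; i >= 0; i--) {
        r = mulmod(r, r, m);
        if ((secret_exp >> i) & 1)          /* secret-dependent branch */
            r = mulmod(r, base, m);
    }
    return r;
}

/* Branch-free select: a when bit == 1, b when bit == 0. */
static uint64_t ct_select(uint64_t bit, uint64_t a, uint64_t b) {
    uint64_t mask = (uint64_t)0 - bit;      /* all ones or all zeros */
    return (a & mask) | (b & ~mask);
}

/* AFTER: square and multiply both run on every iteration; the secret bit
   only chooses which result is kept, through a mask instead of a branch. */
uint64_t modexp_ct(uint64_t base, uint32_t secret_exp, uint64_t m) {
    uint64_t r = 1 % m;
    base %= m;
    for (int i = 31; i >= 0; i--) {
        r = mulmod(r, r, m);
        uint64_t t = mulmod(r, base, m);
        r = ct_select((secret_exp >> i) & 1, t, r);
    }
    return r;
}

int main(void) {
    /* Constructed sample values: both variants must agree (4^13 mod 497 = 445). */
    printf("%llu %llu\n", (unsigned long long)modexp_branchy(4, 13, 497),
           (unsigned long long)modexp_ct(4, 13, 497));
    return 0;
}
```

When applying this pattern, inspect the compiled output to confirm the compiler has not turned the mask select back into a conditional branch.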

The following AMD Ryzen SKUs are unaffected by the SQUIP vulnerability, from the first generation Zen 1 through Zen 3.

Ryzen 1000 (Zen 1)

Ryzen 3 1200

Ryzen 3 1300X

Ryzen 2000 (Zen 1+)

Ryzen 3 2300X

Ryzen 3000 (Zen 2)

Ryzen 5 3500

Ryzen 5 3500X

Athlon 3000/4000 (Zen 2)

Athlon Gold 3150G/GE

Athlon Gold 4150G/GE

Apart from the CPUs listed above, all other Ryzen, Athlon, Threadripper, and EPYC processors are affected by SQUIP because they support SMT.

It should also be noted that the initial reports claimed that the Apple M1 CPU was also vulnerable to SQUIP. While the M1 also uses a split scheduler, it should not be affected because Apple does not use SMT. The same may be true for the M2 chip. However, if a future CPU (such as the M3) migrates to SMT with the same scheduler design, it will be vulnerable to attacks.
