Although AMD’s Zen 1 architecture is immune to the recent ‘Inception’ vulnerability affecting modern Zen 3 and Zen 4 CPUs, another vulnerability has been found that affects Zen 1 CPUs specifically. According to a report by Phoronix, the new Zen 1 vulnerability can leak potentially sensitive data when the CPU performs an integer division by 0 on Linux operating systems.
According to AMD Linux developer Borislav Petkov, the bug leaves “stale quotient data” behind after a Zen 1 CPU performs an integer division by 0 in certain circumstances. The fix involves doing a “dummy division 0/1 before returning from the #DE exception handler in order to avoid any leaks of potentially sensitive data.”
Thankfully, the Linux community has already issued a fix that resolves the issue. Petkov authored a Linux kernel patch to work around the vulnerability. The patch was merged into the Linux 6.5 kernel today and is set to be back-ported to all stable Linux kernel releases as well. So if you are running an OS with an older Linux kernel, you don’t have to upgrade to the latest kernel version to get the fix.
Interestingly, there is also a workaround that doesn’t involve kernel updates: the vulnerability can be neutralized by disabling Simultaneous Multi-Threading (SMT) on Zen 1 CPUs. This method obviously has its flaws, since it gives up the performance benefits SMT offers on AMD CPUs, and in many cases it also disables sleep mode due to an architectural limitation. But it is a good way to temporarily mitigate the vulnerability for Linux users who are waiting for the kernel patch to be released for their specific OS.
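A host-side check for the two mitigations described above, as an added example that is not code from the article or from the kernel patch: it reads `/proc/cpuinfo` and the SMT state from sysfs and reports which workaround, if any, is visible. It assumes that a kernel carrying the fix lists the issue as `div0` on the `bugs` line and that CPU family 23 is an over-inclusive hint for Zen 1; the sample data is constructed.

```python
"""Report which Zen 1 divide-by-zero mitigation is visible on a Linux host."""
from pathlib import Path

# Constructed sample of /proc/cpuinfo fields, not captured from a real machine.
SAMPLE_PATCHED = """processor\t: 0
vendor_id\t: AuthenticAMD
cpu family\t: 23
model\t\t: 1
bugs\t\t: sysret_ss_attrs spectre_v1 spectre_v2 div0
"""
SAMPLE_UNPATCHED = SAMPLE_PATCHED.replace(" div0", "")


def parse_cpuinfo(text):
    """Return (vendor, family, bug flags) for the first logical CPU."""
    fields = {}
    for line in text.strip().split("\n\n")[0].splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return (fields.get("vendor_id", ""),
            int(fields.get("cpu family", "-1")),
            set(fields.get("bugs", "").split()))


def assess(cpuinfo_text, smt_active):
    """Classify the host from cpuinfo text and the SMT state."""
    vendor, family, bugs = parse_cpuinfo(cpuinfo_text)
    if "div0" in bugs:  # assumption: flag name used by kernels with the fix
        return "kernel-workaround"
    if vendor == "AuthenticAMD" and family == 23:
        # Family 23 also covers later cores, so this is a prompt to check
        # the exact model and kernel version, not a verdict.
        return "needs-review" if smt_active else "smt-off-workaround"
    return "not-flagged"


def smt_is_active(path="/sys/devices/system/cpu/smt/active"):
    """Read the kernel's SMT state; treat an unreadable file as SMT on."""
    try:
        return Path(path).read_text().strip() == "1"
    except OSError:
        return True  # unknown state: report the conservative answer


if __name__ == "__main__":
    print(assess(Path("/proc/cpuinfo").read_text(), smt_is_active()))
```

A `needs-review` result means neither workaround is visible on an AMD family 23 part, so the kernel version and CPU model should be checked by hand.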
This issue is reminiscent of a similar problem on Intel’s Skylake chips from several years ago, where disabling Intel’s HyperThreading technology patched some security holes on those chips.
Thankfully the issue appears to be Linux-specific and does not affect Windows operating systems. Plus the vulnerability is already being actively patched for Linux users. However, the same cannot be said of the two other vulnerabilities affecting modern AMD CPUs and Intel CPUs, Inception and Downfall, right now.