What just happened? Just days after reports emerged about the Zenbleed exploit affecting Zen 2-based AMD CPUs, researchers from ETH Zurich have detailed yet another critical vulnerability that affects a range of AMD processors with Zen cores. Called 'Inception,' the new security flaw can reportedly leak kernel memory and access sensitive files on Linux machines under certain conditions.
According to the report published by the researchers this week, the new vulnerability affects all AMD Ryzen CPUs with Zen cores, meaning a range of processors meant for desktops, laptops, data centers, and HEDT are vulnerable to the bug. As part of a proof-of-concept attack, researchers showed that it can leak kernel memory at a rate of up to 39 bytes per second on Zen 4 processors, enabling them to leak /etc/shadow on a Linux machine in just 40 minutes. The leaked file reportedly included hashed user account passwords and was only accessible by the root user.
In their report, the researchers said they used a previously disclosed vulnerability called 'Phantom speculation' to design a new class of transient execution attacks called Training in Transient Execution (TTE), which was then used to create Inception. Tracked as CVE-2023-20569, it is described as a speculative execution-based side-channel attack that can leak passwords and other sensitive data.
AMD has acknowledged the issue and is rolling out microcode updates to fix the problem with some of the affected processors. The company rated the severity level of Inception as 'medium' and said that the vulnerability is only exploitable locally, via downloaded malware. While that makes it relatively less dangerous than typical remote code execution flaws, it is still a cause for concern until the company is able to roll out updates for all the affected chips in its lineup. So, if you have a Zen-based AMD processor in your computer, install the latest available update as soon as possible, either from the PC vendor or as part of the OS security updates.
It is worth noting here that Inception only affects AMD chips, meaning people running Intel processors on their PCs or servers aren't affected by it. However, Team Blue is not entirely in the clear, as cybersecurity researchers have also recently detailed a side-channel attack called Downfall that affects many of its processors. According to reports, Intel's 6th-11th-gen Core processors are affected by Downfall, which could allow attackers to access data that should not be visible, such as cryptographic keys.
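To confirm on a Linux machine that an installed update has taken effect, the kernel's own mitigation report can be read from sysfs. The script below is an added example, not part of the original article; it reads the kernel's `spec_rstack_overflow` (Inception) and `gather_data_sampling` (Downfall) entries, and the function names and the `ok`/`action`/`unknown` verdicts are this example's own.

```shell
#!/bin/sh
# Added example: summarise the kernel-reported mitigation status for
# Inception (CVE-2023-20569) and Downfall on a Linux host.
# sysfs entry names used by the Linux kernel:
#   spec_rstack_overflow -> Inception
#   gather_data_sampling -> Downfall
VULN_DIR=${VULN_DIR:-/sys/devices/system/cpu/vulnerabilities}

# Map a raw sysfs status string to a verdict (verdict names are this
# example's own): ok, action (update still needed) or unknown.
classify_status() {
    s=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$s" in
        # Some kernel versions report a software mitigation but note that
        # the microcode update is missing; treat that as still needing action.
        *"no microcode"*) echo action ;;
        "not affected"*)  echo ok ;;
        "mitigation:"*)   echo ok ;;
        "vulnerable"*)    echo action ;;
        # Empty, missing, or hypervisor-dependent statuses land here.
        *)                echo unknown ;;
    esac
}

# Print "<entry>: <verdict> (<raw status>)" for one sysfs entry.
check_entry() {
    file="$VULN_DIR/$1"
    if [ -r "$file" ]; then
        raw=$(cat "$file")
    else
        # Older kernels do not expose the entry at all.
        raw="entry not present"
    fi
    printf '%s: %s (%s)\n' "$1" "$(classify_status "$raw")" "$raw"
}

check_entry spec_rstack_overflow
check_entry gather_data_sampling
```

An `unknown` verdict for a missing entry usually means the running kernel predates the fix, so update the kernel as well as the microcode before re-checking.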