• AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    This is the best summary I could come up with:


    Like some of the most infamous CPU vulnerabilities, Inception is a speculative side channel attack, which can possibly lead to privileged data leakage to unprivileged processes.

    AMD CPU users may be familiar with the quite frequent AGESA microcode update releases, and some patches will be delivered this way later this month, while others might have to wait until December.

    Processor makers thought they had eliminated the ability of attackers to snoop at the look up table used for accessing DRAM in Spectre mitigations.

    However, the ETH Zurich team discovered that, on Zen architecture processors, they could “make the CPUs manufactured by AMD believe that they had seen certain instructions before, whereas in reality that had never happened,” explained one of the researchers to EE News Europe.

    Ultimately, Inception means that an attacker of an unpatched AMD Ryzen system can obtain leaked data from anywhere in the computer’s memory.

    However, the researchers reckon Inception could be used by an attacker in the context of cloud computing, where several customers share the same processing hardware resource.


    I’m a bot and I’m open source!