The flaw apparently enables attackers to take control of private information stored in the AMD Zen 2 class CPUs – which includes PS5, XBox, and desktop and data center computers – such as encryption keys and logins. Remote attackers can use website Javascript to exploit Zenbleed, according to cloud infrastructure provider Cloudflare.
AMD Zen 2 CPU
AMD’s Zen 2 CPU, launched in 2019, is the third generation of the company’s Ryzen processors. The processors include Ryzen 4000U/H desktop chips, Ryzen 5000U for mobile applications, Threadripper 3000 for high-performance workstations, and Ryzen 4000G Accelerated Processing Unit (APU) system-on-a-chip.
Moreover, the processors also powers Sony’s PlayStation 5, Microsoft’s Xbox Series S and Series X, and Steam’s Steam Deck. Zen 2 CPUs are also used across a number of standalone computers and data center servers.
The CPUs, as mentioned earlier are now affected by Zenbleed – labeled as CVE-2023-20593 – which relies on an error in the way how CPUs execute a process known as speculative execution.
CPU Misprediction
Modern CPUs are designed such that they increase processing speed, by preloading a num
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: