How bad are the AMD Ryzen and Epyc CPU flaws?

AMD has now confirmed that the “AMD Flaws” revealed by CTS-Labs are real. We recommend installing the BIOS update that fixes them when it’s available. But, don’t worry too much. The danger of these flaws has been exaggerated.

Four separate vulnerabilities have been identified, and they are named Ryzenfall, Masterkey, Fallout, and Chimera. These flaws affect AMD Ryzen processors and EPYC server processors, which are both based on AMD’s Zen microarchitecture. Right now, there have been no reports of these vulnerabilities being taken advantage of in the wild. The flaws themselves have only recently been confirmed. And unfortunately, there’s no way yet of determining if a CPU has been compromised. But, here’s what we do know.

The Attacker Needs Administrative Access

The real takeaway here is that every single vulnerability CTS-Labs announced requires administrative access on a computer running an AMD Ryzen or EPYC CPU to exploit. And, if the attacker has administrative access on your computer, they can install keyloggers, watch everything you’re doing, steal all your data, and perform many other nasty attacks.

In other words, these vulnerabilities allow an attacker who has already compromised your computer to do additional bad things they shouldn’t be able to do.

These vulnerabilities are still a problem, of course. In the worst case, an attacker can effectively compromise the CPU itself, hiding malware inside it that persists even if you reboot your PC or reinstall your operating system. That’s bad, and AMD is working on a fix. But an attacker still needs administrative access to your PC in the first place to execute this attack.

In other words, this is much less scary than the Meltdown and Spectre vulnerabilities, which allowed software without administrative access—even JavaScript code running on a web page in a web browser—to read data to which it shouldn’t have access.

And, unlike how patches for Meltdown and Spectre could slow down existing systems, AMD says there will be no performance impact when fixing these bugs.

What Are MASTERKEY, FALLOUT, RYZENFALL, and CHIMERA?

Three of the four vulnerabilities are attacks on AMD’s Platform Security Processor, or PSP. This is small, embedded security coprocessor built into AMD’s CPUs. It actually runs on a separate ARM CPU. It’s AMD’s version of the Intel Management Engine (Intel ME), or Apple Secure Enclave.

This security processor is supposed to be completely isolated from the rest of the computer and only allowed to run trusted, secure code. It also has full access to everything on the system. For example, it handles Trusted Platform Module (TPM) functions that enable things like device encryption. The PSP has firmware that can be updated via system BIOS updates, but it only accepts updates that are cryptographically signed by AMD, which means attackers can’t crack it—in theory.

The MASTERKEY vulnerability allows an attacker with administrative access on a computer to bypass the signature check and install their own firmware inside the AMD Platform Security Processor. This malicious firmware would then have full access to the system and would persist even when you reboot or reinstall your operating system.

The PSP also exposes an API to the computer. The FALLOUT and RYZENFALL vulnerabilities take advantage of flaws that the PSP exposes to run code in the PSP or System Management Mode (SMM). The attacker shouldn’t be able to run code inside these protected environments and could install persistent malware into the SMM environment.

Many socket AM4 and TR4 motherboards have a “Promontory chipset.” This is a hardware component on the motherboard that handles communication between the AMD CPU, memory, and other system devices. It has full access to all the memory and devices on the system. However, the CHIMERA vulnerability takes advantage of flaws in the Promontory chipset. To take advantage of it, an attacker would have to install a new hardware driver, and then use that driver to crack the chipset and run code on the chipset processor itself. This problem only affects some Ryzen Workstation and Ryzen Pro systems, as the chipset is not used on EPYC Server platforms.

Again, every single AMD flaw here—MASTERKEY, FALLOUT, RYZENFALL, and CHIMERA—all require an attacker to compromise your PC and run software with administrator access to exploit them. However, that attacker will then be able to hide malicious code where traditional security programs will never find it.

For more details, read AMD’s technical assessment and this technical summary from Trail of Bits.

CTS-Labs, which disclosed these flows, thinks AMD is downplaying their severity. However, while we agree that these are potentially serious problems which should be fixed, we feel it’s important to point out how difficult they would be to exploit—unlike Meltdown and Spectre.

BIOS Updates Are On the Way

AMD will be fixing the MASTERKEY, FALLOUT, and RYZENFALL problems via firmware updates to the AMD Platform Security Processor (PSP). These updates will be available through BIOS updates. You will have to get these BIOS updates from your PC manufacturer—or, if you built your own PC, from your motherboard manufacturer.

On March 21, AMD said it planned to release these updates “in the coming weeks,” so keep an eye out for BIOS updates before the end of April. CTS-Labs thinks this timeline is “drastically optimistic,” but we’ll see what happens.

AMD has also said it will be working with ASMedia, the third-party company that developed the Promontory chipset, to patch the CHIMERA attack. However, as CTS-Labs notes, AMD didn’t provide a timeline for this patch. Fixes for CHIMERA will also be made available via future BIOS updates.