A vulnerability, CVE-2023-20588, has been detected in AMD processors. It leaks data during execution on the CPU core when a Divide Error (#DE) occurs on an attempt to divide by zero.
The vulnerability manifests itself only in AMD processors based on the Zen1 microarchitecture, such as the AMD EPYC 7001 series, AMD Athlon 3000, AMD Ryzen 3000 with Radeon GPU, AMD Athlon PRO 3000 with Radeon Vega GPU, and AMD Ryzen PRO 3000 with Radeon Vega GPU.
The vulnerability arises because, when a #DE exception is raised on division by zero, the processor speculatively forwards the result of the previous division operation.
Since a CPU with the Zen1 microarchitecture contains only one divider, which serves operations from different threads, an attacker on a vulnerable system can determine the result of the previous division operation executed by the CPU in other contexts, such as the kernel, other processes, or outside the virtual machine.
From a practical perspective, this vulnerability can be exploited to create a covert data channel between processes, sandboxes, or virtual machines.
Such a channel allows data to be exchanged without triggering access-control mechanisms and without raising any system alarms.
Additionally, the vulnerability allows attackers to determine the parameters of previous division operations executed with higher privileges, and such operations may be used in the processing of confidential data, for example in cryptographic operations.
Fixes that block the vulnerability have been prepared for the Linux kernel and the Xen hypervisor.
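A triage check for Linux hosts, added here as an example and not part of the original article: it parses `/proc/cpuinfo` and reports whether the CPU falls in the Zen1 range and whether the running kernel lists the `div0` bug flag, which kernels carrying the fix expose. The Zen1 model ranges (family 0x17, models 0x00-0x2f and 0x50-0x5f), the status names and the sample inputs are assumptions made for this example.

```python
from pathlib import Path

# Assumption: family 0x17 model ranges that the Linux kernel treats as Zen1.
ZEN1_MODEL_RANGES = ((0x00, 0x2F), (0x50, 0x5F))
FIXED, UNFIXED = "zen1-kernel-has-fix", "zen1-kernel-predates-fix"
NOT_AFFECTED, UNKNOWN = "not-affected", "unknown"

# Constructed /proc/cpuinfo excerpts (not captured from real hosts).
SAMPLE_PATCHED = ("vendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 1\n"
                  "bugs\t\t: spectre_v1 spectre_v2 div0\n")
SAMPLE_UNPATCHED = SAMPLE_PATCHED.replace(" div0", "")
SAMPLE_ZEN2 = ("vendor_id\t: AuthenticAMD\ncpu family\t: 23\nmodel\t\t: 49\n"
               "bugs\t\t: spectre_v1 spectre_v2\n")

def first_cpu(text):
    """Return the key/value fields of the first processor block."""
    fields = {}
    for line in text.splitlines():
        if not line.strip():
            if fields:
                break          # blank line ends the first processor block
            continue
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def div0_status(text):
    """Classify a host from the contents of /proc/cpuinfo."""
    cpu = first_cpu(text)
    if "div0" in cpu.get("bugs", "").split():
        return FIXED           # the flag only exists in kernels with the fix
    if "vendor_id" not in cpu:
        return UNKNOWN
    if cpu["vendor_id"] != "AuthenticAMD":
        return NOT_AFFECTED
    try:
        family, model = int(cpu["cpu family"]), int(cpu["model"])
    except (KeyError, ValueError):
        return UNKNOWN
    zen1 = family == 0x17 and any(lo <= model <= hi
                                  for lo, hi in ZEN1_MODEL_RANGES)
    return UNFIXED if zen1 else NOT_AFFECTED

if __name__ == "__main__":
    path = Path("/proc/cpuinfo")
    print(div0_status(path.read_text()) if path.exists() else UNKNOWN)
```

Inside a virtual machine the family and model are whatever the hypervisor exposes, so the check is most reliable when run on the host.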
The problem has been