Short Summary
The discussion revolves around concerns regarding the performance and potential vulnerabilities associated with the AVX2 instruction set. Various questions are raised about the effectiveness of recent updates and the possibility of resolving existing issues through microcode updates.
Key Points
- AVX2, also referred to as Haswell New Instructions, generated 16 different outputs for each ymm register.
- Current findings indicate potential uses of this information that could lead to breaches.
- Questions arise about whether the results from the process are fully discarded or can be salvaged.
- Consideration is given to microcode updates as a potential solution to reported issues.
- Inquiries about any bugs that might exist within a 90-day review period are being addressed.
- Ongoing efforts are being made to tackle identified issues.
Youtube Channel: LiveOverflow
Video Published: 2023-08-29T15:35:44+00:00
Video Description:
Let’s explore the , “most exciting” CPU vulnerability affecting Zen2 CPUs from AMD.
Watch part 1 about fuzzing: https://www.youtube.com/watch?v=neWc0H1k2Lc
buy my font (advertisement): https://shop.liveoverflow.com/
This video is sponsored by Google: https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html
Original Zenbleed Writeup: https://lock.cmpxchg8b.com/zenbleed.html
Grab the code: https://github.com/google/security-research/tree/master/pocs/cpus/zenbleed
cvtsi2ss: https://www.felixcloutier.com/x86/cvtsi2ss.html
AMD Security Bulletin: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html
RIDL Video: https://www.youtube.com/watch?v=x_R1DeZxGc0
Tavis Ormandy: https://twitter.com/taviso
Chapters:
00:00 – Intro
02:27 – zenleak.asm Patterns
03:56 – The C Exploit Code
05:20 – Assembly Generation with Compiler Preprocessor
07:40 – What are XMM and YMM Registers?
11:56 – Zenbleed: Trigger Merge Optimization
14:28 – Register File & Register Allocation Table
16:39 – Register Renaming
17:55 – Speculative Execution
18:55 – vzeroupper and SSE & AVX History
21:22 – Zenbleed Explanation
23:55 – How to fix Zenbleed?
=[ Support ]=
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
2nd Channel: https://www.youtube.com/LiveUnderflow
=[ Social ]=
→ Twitter: https://twitter.com/LiveOverflow/
→ Streaming: https://twitch.tvLiveOverflow/
→ TikTok: https://www.tiktok.com/@liveoverflow_
→ Instagram: https://instagram.com/LiveOverflow/
→ Blog: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/