AMD Confirms RDSEED Security Flaw In Zen 5 CPUs & Details Mitigation Plan

by · HotHardware

If you were ordered to pick a random number and guessed "zero", it may be a great choice—but not if it's what you pick every time you're asked, as current AMD Zen 5 CPUs are prone to do in certain conditions. Specifically, AMD has confirmed that in very specific circumstances, the RDSEED CPU instruction returns a value of 0 "at a rate inconsistent with randomness" while incorrectly signaling success. The flaw impacts the 16-bit and 32-bit forms of the instruction. Fortunately, the 64-bit form is not impacted, but the flaw in the narrower forms does open a potential vector of attack, especially when sensitive information is protected by encryption that depends on properly functioning RDSEED output.

The error affects all AMD Zen 5-based CPUs: the mainstream Ryzen 9000 desktop CPUs, the Ryzen AI 300 series, the Threadripper 9000 series, and even the EPYC 4005/9005 series are all impacted by the flaw. This microcode error recalls the Zen 1-4 microcode vulnerability we reported on earlier this year, though fortunately it isn't quite as severe as that bug, which allowed attackers to execute malicious code on target CPUs.

It's still not a great look for AMD, but according to the chipmaker's official blog post on the matter, we can expect a mitigation upgrade to the microcode of most impacted Zen 5 CPUs within the month of November, although Ryzen and EPYC embedded processors won't get their update until January. In the meantime, AMD advises impacted users to stick to the 64-bit form of RDSEED, or failing that, to re-run the 16/32-bit versions until a non-zero value is returned. Alternatively, if the instructions aren't needed, users can mask the RDSEED bit, CPUID Fn0000_0007_EBX[18], from software discovery via the appropriate method for their operating system, which keeps software that checks for the feature from executing the instruction (and thus keeps the vulnerability from being exploited).
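AMD's interim guidance above, sketched in C as an added example (not AMD's or HotHardware's code): take 32-bit seeds from the 64-bit form, or retry a narrow source until it yields a non-zero value, and honor the CPUID bit so a masked RDSEED is never executed. It assumes x86-64 with GCC or Clang; all function names are hypothetical, and `faulty_src32` is a constructed stub that imitates the reported behaviour rather than real hardware.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__)
#include <cpuid.h>
#endif

/* A seed source mirrors RDSEED: returns 1 (CF=1) with *out set, or 0. */
typedef int (*seed_fn)(uint64_t *out);

/* 64-bit RDSEED (the unaffected form), only if CPUID Fn0000_0007_EBX[18] is set. */
int hw_rdseed64(uint64_t *out) {
#if defined(__x86_64__)
    unsigned a, b, c, d;
    unsigned char ok;
    if (!__get_cpuid_count(7, 0, &a, &b, &c, &d) || !((b >> 18) & 1)) return 0;
    __asm__ volatile("rdseed %0; setc %1" : "=r"(*out), "=qm"(ok) : : "cc");
    return ok;
#else
    (void)out; return 0;   /* no RDSEED on this architecture */
#endif
}

/* Preferred: draw 64 bits and truncate; a zero result is legitimate here. */
int seed32_via64(seed_fn src64, int tries, uint32_t *out) {
    uint64_t v;
    while (tries-- > 0)
        if (src64(&v)) { *out = (uint32_t)v; return 1; }
    return 0;
}

/* Fallback for a 16/32-bit source: "success with 0" is treated as failure. */
int seed32_retry_nonzero(seed_fn src32, int tries, uint32_t *out) {
    uint64_t v;
    while (tries-- > 0)
        if (src32(&v) && (uint32_t)v != 0) { *out = (uint32_t)v; return 1; }
    return 0;
}

/* Constructed stub: signals success with 0 three times, then a real value. */
static int faulty_calls;
int faulty_src32(uint64_t *out) { *out = (++faulty_calls <= 3) ? 0 : 0x5eed1234u; return 1; }

int main(void) {
    uint32_t s = 0;
    int ok = seed32_via64(hw_rdseed64, 16, &s);
    printf("hardware, 64-bit form: ok=%d seed=%08x\n", ok, (unsigned)s);
    ok = seed32_retry_nonzero(faulty_src32, 16, &s);
    printf("faulty stub, retried:  ok=%d seed=%08x calls=%d\n", ok, (unsigned)s, faulty_calls);
    return 0;
}
```

Both wrappers bound the number of attempts, so a caller must treat a return of 0 as "no seed available" and fall back to another entropy source instead of proceeding with an unset value.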

In an era where randomly-generated encrypted passwords are getting easier than ever to crack with consumer hardware, mitigating a vulnerability like this as quickly as possible is imperative. Fortunately, it's relatively easy to mitigate and unlikely to impact most customers—but for enterprise customers and IT departments, especially considering that EPYC CPUs can cost thousands of dollars, this is a major problem. Hopefully no major attacks come about as a result of this bug before the microcode patch becomes available to users.
