AMD ‘Zenbleed’ exploit can leak passwords and encryption keys from Ryzen CPUs
by Jess Weatherbed from The Verge - All Posts on (#6D8PC)
AMD is rolling out patches for at-risk CPUs, though these updates may impact system performance. | Illustration: Beatrice Sala A new vulnerability impacting AMD's line of Zen 2 processors - which includes popular CPUs like the budget-friendly Ryzen 5 3600 - has been discovered that can be exploited to steal sensitive data like passwords and encryption keys. Google security researcher Tavis Ormandy disclosed the Zenbleed" bug (filed as CVE-2023-20593) on his blog this week after first reporting the vulnerability to AMD on May 15th.
The entire Zen 2 product stack is impacted by the vulnerability, including all processors within the AMD Ryzen 3000 / 4000 / 5000 / 7020 series, the Ryzen Pro 3000 / 4000 series, and AMD's EPYC Rome" data center processors. AMD has since published its anticipated release timeline for patching out the exploit, with most firmware...