Inception Attack: A New Threat to AMD Zen CPUs

Researchers from ETH Zurich have discovered a new and powerful transient execution attack called Inception that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models.

Read: Cisco confirms hack last May

The Inception attack works by exploiting a feature of AMD Zen CPUs called speculative execution. Speculative execution is a technique that allows CPUs to guess what instructions will be executed next and start executing them before the actual instructions are received. This can improve performance, but it can also introduce security vulnerabilities.

The Inception attack takes advantage of a specific type of speculative execution called recursive speculation. Recursive speculation occurs when a CPU speculatively executes a function call that calls itself. This can create a transient window of opportunity for an attacker to leak data.

The Inception attack uses this transient window to leak data by inserting new predictions into the branch predictor. The branch predictor is a component of the CPU that predicts which branch of instruction will be taken next. By inserting new predictions into the branch predictor, the attacker can control the flow of execution and leak data that would not normally be accessible.

The Inception attack is a serious threat to AMD Zen CPUs. It is effective against all AMD Zen CPUs, including the latest models. The attack is also difficult to defend against. Existing mitigations for transient execution attacks are not effective against Inception.

AMD has released a comment to BleepingComputer as follow:

“AMD has received an external report titled ‘INCEPTION’, describing a new speculative side channel attack. AMD believes ‘Inception’ is only potentially exploitable locally, such as via downloaded malware, and recommends customers employ security best practices, including running up-to-date software and malware detection tools. AMD is not aware of any exploit of ‘Inception’ outside the research environment, at this time.”

In the meantime, users should be aware of the Inception attack and take steps to protect themselves. This includes using strong passwords and enabling two-factor authentication. Also, be careful about what software they install on their computers: only install software from trusted sources.

The Inception attack is a reminder that even the most powerful CPUs are vulnerable to security attacks. Users should always be vigilant about their security and take steps to protect themselves.

Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.