Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix
Enlarge (credit: AMD) A recently disclosed bug in many of AMD's newer consumer, workstation, and server processors can cause the chips to leak data at a rate of up to 30 kilobytes per core per second, writes Tavis Ormandy, a member of Google's Project Zero security team. Executed properly, the so-called "Zenbleed" vulnerability (CVE-2023-20593) could give attackers access to encryption keys and root and user passwords, along with other sensitive data from any system using a CPU based on AMD's Zen 2 architecture. The bug allows attackers to swipe data from a CPU's registers. Modern processors attempt to speed up [...]