Chipmaker AMD is scrambling to patch a newly discovered bug, dubbed ‘Zenbleed’, that lets attackers steal gigabytes of potentially sensitive data every day from systems running AMD’s Zen 2 class CPUs – including the PS5, XBox, and desktop and data centre computers.

Introduced in 2019, AMD’s Zen 2 CPU architecture is the third generation of the company’s Ryzen processors – which includes Ryzen 4000U/H desktop chips, Ryzen 5000U for mobile applications, Threadripper 3000 for high-performance workstations, and Ryzen 4000G Accelerated Processing Unit (APU) system-on-a-chip.

As well as powering Sony’s PlayStation 5, the chips support devices including Microsoft’s Xbox Series S and Series X, and Steam’s Steam Deck – and Zen 2 CPUs are used across a range of standalone computers and data centre servers as well.

All are said to be vulnerable to Zenbleed (catalogued as CVE-2023-20593), which relies on an oversight in the way CPUs handle a function known as speculative execution.

Modern CPUs improve speed by using speculative execution to predict what they will need to do next – preloading several options so the CPU doesn’t have to wait for them to load once it has completed the current instruction.

CPU ‘mispredictions’ – the predictions that end up not being needed – are erased using a command called vzeroupper, which rolls back the guess by ‘zeroing out’ the memory space, called a YMM register, that had been reserved for those predictions.

However, Google security researcher Tavis Ormandy discovered that when Zen 2 CPUs predict the next instruction will be vzeroupper, and it turns out to be a misprediction, the chip doesn’t always delete the data stored in the YMM register – which are also used by regular CPU instructions that move and copy data.

That means the memory space may contain sensitive data such as passwords, credit-card details, encryption keys, and so on – and a properly constructed exploit can, Ormandy explains, trick the CPU into recovering in a way that enables hackers to siphon data from affected systems at around 30KB per core per second.

Because it relates to the normal operation of the CPU, the bug works regardless of which operating system, applications, virtual machines, or security tools are installed on the system.

“We now know that basic operations will use the [same] vector registers,” he explained, “so we can effectively spy on those operations happening anywhere on the system! It doesn’t matter if they’re happening in other virtual machines, sandboxes, containers, processes, whatever!”

Patching the underlying vulnerability

Said to be easier to exploit than other recent CPU bugs such as Spectre and Meltdown, Ormandy has released exploit code and a proof-of-concept exploit has already been published, even as chipmakers and application vendors jump to action.

AMD, for its part, has released a temporary patch that must be applied to affected systems’ core chip architecture and plans to release a full update to equipment manufacturers by October.

Cloud infrastructure firm Cloudflare is “patching [its] entire fleet of potentially impacted severs with AMD’s microcode,” the firm shared. “While our network will soon be protected, we will continue to monitor for any signs of attempted exploitation of the vulnerability and will report on any attempts we discover in the wild.”

Citrix has released a patch while Linux operating system makers Debian and Red Hat have weighed in, with Red Hat labelling it a ‘moderate impact’ vulnerability and warning that a suitable mitigation isn’t yet available.

Amazon Web Services is “still testing the stability of” the AMD patch, the firm has reported, adding that users of its cloud services will be automatically protected from the bug once it is deployed.

Security experts advise companies to assess their exposure to the bug by auditing their use of systems based on Zen 2 CPUs – and to be aware of other, similar hardware bugs such as RAMBleed that allow data to be read directly from CPU and memory hardware.

Although the exploit may require colleting large quantities of data over a long time before it unearths any private data, Sophos principal research scientist Paul Ducklin said in a blog, persistence by cyber criminals is likely to pay off if they can infect enough systems with an exploit.

“Unfortunately, you can exploit the bug from almost any process or thread on a computer and pseudorandomly bleed out data from almost anywhere in memory,” he explains, noting that a Zenbleed exploit could copy 3GB of data per day and scour it for meaningful data like the proverbial needle in a haystack.

“It’s a bit like a low-key lottery that doesn’t have any guaranteed mega-jackpot prizes, but where you get a sneaky chance to buy 1,000,000 tickets for the price of one.”

“You might not hit the lottery equivalent of a multi-million-dollar jackpot, but you’re almost certain to win the equivalent of thousands of $1000 prizes.”