AMD has confirmed that there’s a new Zen 2 CPU bug that can allow attackers to access your data by taking control of internal registers and snooping on data within the processor. The bug affects a whole range of Zen 2 architecture chips, including Ryzen, Threadripper, and Epyc processors. AMD has already issued a microcode fix for the Epyc processors, but a fix for other chips isn’t set to arrive until at least October 2023.
The bug was discovered by Tavis Ormandy, a researcher with Google Information Security, who posted about the work on his website. He describes in detail how the hack works, what vulnerabilities result from it, and what solutions there are to it. He also notes the contribution of Eduardo Vela Nava, Alexandra Sandulescu, and Josh Eads in his discovery.
Essentially, the bug works by tricking the system into exposing the contents of a CPU register to code that shouldn’t otherwise have access to it. Ormandy describes the sequence of commands that can trigger this needing to ‘happen within a precise window to work’ but that once enabled the exploit can ‘effectively spy on [other] operations happening anywhere on the system! It doesn’t matter if they’re happening in other virtual machines, sandboxes, containers, processes, whatever!’
Scary as this sounds, Ormandy points out that the exploit ‘can leak about 30kb per core, per second’, which is a relatively small amount of data – this isn’t a case of the exploit completely taking over your system. However, it’s a window of time large enough that it could be used to monitor passwords and encryption keys, which once obtained then open up a system to considerably greater exploitation.
The AMD Zen 2 CPUs affected by Zenbleed are:
- AMD Ryzen 3000 Series Processors
- AMD Ryzen PRO 3000 Series Processors
- AMD Ryzen Threadripper 3000 Series Processors
- AMD Ryzen 4000 Series Processors with Radeon Graphics
- AMD Ryzen PRO 4000 Series Processors
- AMD Ryzen 5000 Series Processors with Radeon Graphics
- AMD Ryzen 7020 Series Processors with Radeon Graphics
- AMD EPYC “Rome” Processors
Seeking to ensure a fix was found by AMD without the world knowing about this bug, Ormandy let the company know about it back in May and is only now telling the world about it. This has allowed AMD to already offer up a microcode fix (distributed as a bios update for your motherboard) for the affected Epyc CPUs but Ryzen and Threadripper chip users will have to wait until October, November, or December (details below) for a microcode fix. In the meantime, users can enable a software fix, though this can negatively impact performance.
AMD’s planned Zenbleed fix schedule is:
| Processor | Agesa Firmware | Availability to OEMs | Microcode |
| 2nd-Gen AMD EPYC Rome Processors | RomePI 1.0.0.H | Now | 0x0830107A |
| Ryzen 3000 Series “Matisse” | ComboAM4PI_1.0.0.C | Target Dec 2023 for both | ? |
| Ryzen 4000 Series “Renoir” AM4 | ComboAM4v2PI_1.2.0.C | Target Dec 2023 | ? |
| Threadripper 3000-Series “Caslle Peak” | CastlePeakPI-SP3r3 1.0.0.A | Target Oct 2023 | ? |
| Threadripper PRO 3000WX-Series “Castle Peak” | CastlePeakWSPI-sWRX8 1.0.0.C | ChagallWSPI-sWRX8 1.0.0.7 | Target Nov 2023 | Target Dec 2023 | ? |
| Ryzen 5000 Series Mobile “Lucienne” | CezannePI-FP6_1.0.1.0 | Target Dec 2023 | ? |
| Ryzen 4000 Series Mobile “Renoir” | RenoirPI-FP6_1.0.0.D | Target Nov 2023 | ? |
| Ryzen 7020 Series “Mendocino” | MendocinoPI-FT6_1.0.0.6 | Target Dec 2023 | ? |
Thanks to its advance notice of the vulnerability, Google has already stated it has worked to patch its systems that use these chips and the ready release of an Epyc microcode patch will mean other servers should be immediately fixable. This should mean that any user information received on the server-side should be protected.
AMD also points out that it ‘is not aware of any known exploit of the described vulnerability outside the research environment’, although with the exploit methodology now being made public that could soon change. We’ve reached out to AMD for advice on what owners of as yet unpatched Zen 2 chips should do while they wait for the microcode fix to be issued. We’ll update this story once that response comes through.
Are you a user of a Zen 2 processor and does this exploit have you worried? Let us know your thoughts on the Custom PC Facebook page, via Twitter, or join our Custom PC and Gaming Setup Facebook group and tap into the knowledge of our 400,000+ members. Meanwhile, if you’re looking for an upgrade for peace of mind, you can check our best CPU guide.