The flaw, discovered by several cybersecurity researchers from the technology universities of Graz and Georgiawas described in a document entitled “SQUIP: use the side channel for the scheduler’s queue conflicts“And then confirmed by the same AMD.
One of the study’s authors put it this way:
An attacker running on the same host and CPU core could spy on what kinds of instructions you are executing due to the split scheduler design on AMD CPUs. Apple’s M1 (probably also M2) follows the same design but hasn’t been affected yet as they haven’t introduced SMT in their CPUs yet.
SMT is short for “concurrent multithreading”, a technique that improves the efficiency of hardware multithreaded superscalar CPUs by enabling multiple independent threads of execution, using the chip’s resources more efficiently. The flaw comes from the way the CPU works: it is able to run multiple lines of code on a single CPU core to improve performance.
But this also allows potential threat actors to follow these instructionsand malware on the device, although almost all malware can be neutralized with a software patch, therefore SMT technology must be disabled to reduce the vulnerability and that is a huge blow to the performance of the chip.
Source: Lega Nerd
