AMD Chipset Flaws Are Real, But Experts Question DisclosureWas AMD Ambushed?
A set of vulnerabilities in AMD chipsets that gives attackers enduring persistence on computers appears to be legitimate. But experts are questioning the motivations of the Israeli security company that found the flaws, contending it ambushed AMD to maximize attention.
The vulnerabilities were found by CTS, a company founded last year by an Israeli man named Ido Li On. According to the CTS website, his firm develops security systems for embedded systems and application-specific integrated circuits, or ASICs.
On Tuesday, CTS launched an AMD Flaws website and released a "Severe Security Advisory on AMD Processors" white paper outlining flaws it says it found in AMD's Zen processors, including EPYC, Ryzen, Ryzen Pro and Ryzen Mobile. But AMD was apparently not given much, if any, advance notice of the vulnerability alert.
In a statement released Tuesday, AMD says it is investigating the findings and addresses the circumstances of the disclosure.
"This company was previously unknown to AMD, and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings," it says.
While exploiting the vulnerabilities would first require an attacker to achieve administrator access to a computer, the bugs could be exploited to install stealthy firmware implants. Such modifications would be undetectable to security applications and resistant to system reboots.
"The only real public exploit here at the moment is a press exploit. This situation should not be happening."
—Kevin Beaumont, security researcher
The seriousness of the findings raises questions about why CTS opted to publish information about the flaws at roughly the same time as it notified AMD. The routine protocol after finding flaws is to notify a vendor and give it 90 days or so to patch, a courtesy known as coordinated disclosure.
Security researchers, however, are not under any legal obligation to give advance notice. And it's common for vendors or security researchers to spring news of vulnerabilities quickly to generate media coverage.
But U.K. security researcher Kevin Beaumont writes in a blog post that he "would encourage security researchers not to disclose vulnerabilities like this."
"The only real public exploit here at the moment is a press exploit," Beaumont writes. "This situation should not be happening."
CTS's white paper also contained a disclosure that struck some as unorthodox - at least for an ostensible technical write-up.
The company contends that while it believes its research is objective, "we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports."
CTS also apparently shared its research with other organizations before making it public. Reuters reports that CTS says it shared the research with clients who pay for its proprietary research on hardware flaws, although CTS declined to identify the organizations.
But on Tuesday, a short-selling firm called Viceroy Research published a 25-page report on the vulnerabilities, Reuters reports. The company teased the report in an "AMD - The Obituary" blog post. "We believe AMD is worth $0.00 and will have no choice but to file for Chapter 11 (Bankruptcy) in order to effectively deal with the repercussions of recent discoveries," it claims.
Viceroy's founder Fraser Perring told Reuters that the information was anonymously emailed to him on Monday. The company then took a "sizable" short position on AMD.
CTS officials did not immediately respond to a request for comment from Information Security Media Group.
The flaws found by CTS concern AMD's Zen chips' "secure processor," which is a separate system-on-chip that runs its own operating system. It's used for super-sensitive operations, such as generating cryptographic keys, key management and secure boot processes.
CTS outlined four classes of vulnerabilities, which, depending on the chipset in question, could undermine a machine. It's calling the vulnerabilities Masterkey, Ryzenfall and Fallout, and a fourth issue has been named Chimera, which CTS alleges is a backdoor.
Masterkey could allow attackers to run unauthorized code in kernel mode directly on the secure processor. That would allow the malware to bypass the secure boot process and inject code into the BIOS or operating system. CTS claims to have exploited two versions of Masterkey on EPYC and Ryzen chips.
The Ryzenfall vulnerabilities affect AMD's Secure OS, the operating system running on the secure processor on Ryzen, Ryzen Pro and Ryzen Mobile chips. The vulnerabilities can allow for code execution on the secure processor even though protected memory regions within the processor should be "sealed off by hardware," CTS writes.
The Fallout vulnerabilities are within the boot loader component of the secure processor within EPYC's chips, against allowing access to protected memory regions. CTS contends Fallout could be used to steal network credentials, disable BIOS-reflashing protections and inject malware into Windows Isolated User Mode and Isolated Kernel Mode.
CTS alleges that Chimera is a backdoor within AMD's Promontory chipsets, which are within Ryzen and Ryzen Pro workstations. The backdoors "provide multiple pathways for malicious code execution inside the chipset's internal processor," CTS writes.
The Promontory chipsets link a computer's processor to external devices such as USBs and hard drives. They weren't primarily designed by AMD but by a Taiwanese manufacturer called ASMEdia, which is part of Asus.
Some of the firmware controller software in Promontory appears to come from older controller chipsets, such as a USB 3.0 host controller dubbed ASM1142 that dates back to 2012, CTS says.
"A comparison of the firmware has shown that, during development, massive amounts of code were copied over from ASM1142 into AMD Promontory, transferring many security vulnerabilities into AMD's Ryzen chipset," CTS writes.
Expert: Findings Are Accurate
Although AMD says it's never heard of CTS, the bugs appear to be legitimate.
Dan Guido, a respected security researcher who is the CEO of Trail of Bits, wrote on Twitter that CTS approached his company, out of the blue, to review its research. Last week, CTS sent over a full technical write-up with proof-of-concept exploit code for each set of bugs.
"Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works," Guido writes.
Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works.— Dan Guido (@dguido) March 13, 2018
Guido writes that he initially agreed to review the findings gratis, but CTS began requesting more assistance. Eventually, Trail of Bits invoiced CTS for a week's worth of work, which Reuters reported as costing $16,000.
Some security experts, however, say it's not clear that these flaws pose a big real-world risk. "As far as I can see, you also need to have a prior compromise to exploit this," Alan Woodward, a professor of computer science at the University of Surrey, tells ISMG. "If you had that, then there may be easier ways to get what you want."
On the other hand, he notes, hackers might still abuse the flaws, for example to move laterally across a network. "It might be a good way of obtaining privileged credentials to enable network spreading," he says.
Unfortunately, chip-level flaws are notoriously difficult to fix. CTS's findings hark back to January, when researchers found a collection of CPU flaws dubbed Meltdown and Spectre (see Serious Meltdown and Spectre Flaws Make CPUs Exploitable).
Those flaws affected millions of processors made by Intel, AMD and ARM. The details of those flaws, discovered mid-year last year, were closely held for about six months until news leaked in early January.
Despite having a six-month lead, vendors had many troubles engineering fixes. Intel told users to stop applying firmware patches after users complained that systems unexpectedly rebooted.
Likewise, Microsoft halted distribution of patches for some types of AMD chipsets after the fixes froze computers. There also was another hiccup with anti-virus vendors after Microsoft required those companies to set a new registry key in order to allow the patches to be installed, which some vendors opposed (see Warning: Microsoft Fix Freezes Some PCs With AMD Chips).
(Executive Editor Mathew Schwartz contributed to this story.)