AMD has identified a new form of side-channel attack affecting a wide range of its processors, termed the Transient Scheduler Attack (TSA). This includes four vulnerabilities discovered during an investigation of microarchitectural leaks. Though two vulnerabilities are rated as medium severity and two as low, Trend Micro and CrowdStrike label the threat as critical due to its complexity. Successful exploitation requires local access and low privileges. Worst-case scenarios involve potential information leakage from the OS kernel and applications, with low-severity bugs leading to internal CPU operation issues.
The Transient Scheduler Attack (TSA) comprises four vulnerabilities that AMD said it discovered while looking into a Microsoft report about microarchitectural leaks.
The reasons for the low severity scores are the high degree of complexity involved in a successful attack - AMD said it could only be carried out by an attacker able to run arbitrary code on a target machine.
In the worst-case scenarios enabled by the two medium-severity vulnerabilities, successful attacks on AMD chips could lead to information leakage of the OS kernel.
The attacks require only low privileges to succeed and would need local access to the machine, either through a piece of malware or a malicious VM.
#side-channel-attack #amd #transient-scheduler-attack #cybersecurity #microarchitectural-vulnerabilities
Collection
[
|
...
]