3 years ago, many of Intel’s processors suffered from the Spectre security vulnerability which concerned security experts. Now, AMD’s Ryzen Zen 3 processors are suffering from a security vulnerability similar to Spectre as detailed in AMD’s whitepaper.
The Predictive Store Forwarding Software On AMD Ryzen Zen 3 Processors Creates Security Vulnerabilities
The new technology introduced by AMD on the Zen 3 based Ryzen & EPYC processors, Predictive Store Forwarding (PSF), has opened up security vulnerabilities. PSF functions by predicting the relationship between loads and stores which improves code execution performance. For the most part, the predictions are correct, but in the case of an incorrect prediction, the result is incorrect CPU speculation.
The AMD Zen CPU architects have come out and stated that the bad speculating is on the same level as Spectre v4. The inherent risk that comes along with isolation is something AMD has to prepare for with PSF. The quotes above and below
AMD has not seen any cases of exploits or any code that’s considered vulnerable to misprediction using Predictive Store Forwarding. Thus it is believed that the security risk is low for most applications. AMD admits that there are some security vulnerabilities, but the technology also brings performance advantages for its Ryzen CPUs.
AMD officially recommends leaving Predictive Store Forwarding on to achieve the best possible performance. Those that are worried about the vulnerability can disable PSF.
