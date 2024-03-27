Key Takeaways Cybersecurity researchers discover ZenHammer flaw in AMD CPUs, notify AMD for a fix before hackers exploit it.

ZenHammer attack targets DDR5 memory in AMD Zen 2 and 3 processors, similar to Rowhammer exploit from 10 years ago.

While Zen 2 and 3 owners may be at risk, it's unlikely as hackers need physical access to the PC.

With computers permeating every area of our daily lives, people are keen to find new methods of attacking PC hardware. At all times, there is an arms race between cybersecurity researchers and malicious hackers who both want to find the latest exploits. The former wants to find them first so they can report it to the hardware company and get them fixed, while the latter wants to find flaws that nobody knows about for a free pass onto people's PCs. Fortunately, the researchers have won this round, as they have discovered a new flaw called ZenHammer that affects AMD CPUs and proceeded to report it to AMD.

Researchers discover a new "ZenHammer" attack vector for AMD Zen 2 and 3 processors

Source: AMD

You can read all the details in the "ZENHAMMER: Rowhammer Attacks on AMD Zen-based Platforms" report PDF document. It's a similar style to the Rowhammer attack that was discovered 10 years ago, but this one works on DDR5 memory running alongside Zen 2 and 3 processors.

Both Rowhammer and ZenHammer got their names because they "hammer" at the PC's memory. By attacking specific rows in the system's DRAM, it can cause neighboring rows to flip from a 1 to a 0, or vice versa. It sounds like a small change, but when done correctly, a hacker can elevate an app's permissions, or even break out of a virtual machine and spread into its host computer.

Fortunately, because the researchers found this first, they were able to deliver their findings to AMD so it could prepare a fix. On top of this, the company made a statement on the AMD website:

AMD microprocessor products include memory controllers designed to meet industry-standard DDR specifications. Susceptibility to Rowhammer attacks varies based on the DRAM device, vendor, technology, and system settings. AMD recommends contacting your DRAM or system manufacturer to determine any susceptibility to this new variant of Rowhammer.

Are AMD Zen 2 and 3 owners at risk?

While an attack against your AMD-powered PCs isn't impossible, it's quite unlikely that it will happen. Right now, ZenHammer is a local attack; that means it can't be done over an internet connection. It requires the hacker to be in the same room as your PC, with the knowledge of what processor your PC uses, and reverse-engineering the RAM so they know where to strike. If this actually happened, you'll have far worse things to worry about than someone running malware on your PC.