AMD has advised users to disable a Predictive Store Forwarding (PSF) feature in Zen 3 processors when CPU is going to be used for sensitive operations. The point is that this function is vulnerable to side channel attacks.

PSF is a prediction mechanism that is one of the important elements of the operation of processors on the Zen 3 architecture. This feature uses the process of speculative execution of instructions, when the processor logic tries to predict the result of the load and starts executing subsequent instructions in advance. According to the company, most of the time, the PSF prediction is accurate, but in some cases the function may give inaccurate results, which leads to incorrect predictions.

According to AMD's notice, PSF could theoretically be used by attackers to carry out side-channel attacks, for example with “some kind of security control ” code that can be bypassed when the prediction mechanism does not work correctly.

“This may occur if a program (such as a web browser) hosts pieces of untrusted code and the untrusted code is able to influence how the CPU speculates in a way that results in data leakage. This is similar to the security risk with other Spectre-type attacks”, - AMD explained.

Since PSF is enabled by default in Zen 3 processors, AMD has provided instructions on how to disable it, as well as a Linux patch to enable/disable the feature.

However, due to the lack of data on real attacks with the exploitation of PSF, the company recommends not to disable the function for now. It is likely that disabling PSF could affect processor performance, but the company has not provided any guidance on this.

Source: securitylab.ru