AMD confirms Zen 5 chips hit by critical bug - but a fix on the way
ZDNET's key takeaways
- This critical bug affects a large number of Zen 5 generation chips.
- The issue impacts the processor's pseudorandom number generator.
- AMD has fixes in the pipeline.
A Meta engineer uncovered an RDSEED bug affecting a range of AMD processors that compromises the processor's pseudorandom number generator.
The good news is that there's a fix in the works.
Also: I tested 3 Snapdragon X Windows laptops this year - and found 3 big issues (https://www.zdnet.com/article/i-tested-3-snapdragon-x-windows-laptops-this-year-and-found-3-big-issues/)
The bug was uncovered by Meta engineer Gregory Price, and details were posted to a Linux kernel mailing list (https://lore.kernel.org/lkml/20251016182107.3496116-1-gourry@gourry.net/) .
Price wrote:
"Under unknown architectural conditions, Zen5 chips running rdseed can produce (val=0,CF=1) as a "random" result over 10% of the time (when rdseed is successful). CF=1 indicates success, while val=0 is typically only produced when rdseed fails (CF=0)."
If that's all Greek to you, allow me to decipher it.
Put simply, RDSEED is designed to collect "environmental entropy," such as thermal and voltage noise, from the processor and use this to generate random numbers, similar to rolling a set of dice. Price is saying that about 10% of the time, running the code returns a 0, with no indication that something went wrong -- and the 0 would go on to be used for cryptographic purposes, compromising the security.
When the dice are left unrolled
It's like the system can't be bothered to roll any of the dice sometimes, but doesn't let anyone know!
That's a very big deal because numbers that are meant to be random have a high chance of being predictable, and this will seriously affect the security of anything that uses these "unrandom" random numbers.
This is not the first sort of bug (https://cgit.freedesktop.org/drm-tip/commit/arch?id=5b937a1ed64ebeba8876e398110a5790ad77407c) to affect AMD processors.
The bug affects the following lines of processors:
- EPYC 9005 Series
- Ryzen 9000, 9000HX Series
- Ryzen AI 300, AI Z2 Extreme, and AI Max 300 Series
- Ryzen Threadripper 9000 and Threadripper PRO 9000 WX-Series
- Ryzen Z2 Series Processors Extreme
- EPYC Embedded 4005, 9005, and 9000 Series
Fortunately, the bug only affects the 16-bit and 32-bit versions of RDSEED, and the 64-bit version can continue to be used as an interim workaround.
There is a fix for this bug (https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7055.html) incoming from AMD in the form of AGESA and microcode updates pushed to systems. The patch for the EPYC 9005 Series is already being rolled out, while other processors will get updated between now and January.
Get the morning's top stories in your inbox each day with our Tech Update newsletter (https://www.zdnet.com/newsletters/) .
Editorial standards (https://www.zdnet.com/editorial-guidelines/)
