AMD CPUs slapped with “Inception” vulnerability – The fix nukes CPU performance
Don't panic there's a very low chance you'll have any data stolen, but it's bad news for companies that hold onto sensitive data.
WePC is reader-supported. When you buy through links on our site, we may earn an affiliate commission. Prices subject to change. Learn more
AMD it seems has another security issue susceptible to leaking your data. In all reality, the average gamer is probably safe, however, as the vulnerability requires malware to execute. Something still needs to be done as AMD CPUs are slapped with performance-draining “Inception” vulnerability.
Unfortunately, however, for AMD, The fix likes to nuke your CPUs performance in some situations.
What is the AMD Inception Vulnerability
The “Inception” vulnerability is a CPU vulnerability that affects AMD processors, particularly those in the Zen architecture. However, Zen 1 and 2 appear to be safe.
This vulnerability has the potential to misguide a processor by creating a repeating instruction or function, which can lead to data leaks and other security risks. In other words, the vulnerability manipulates the processor’s behavior in a way that could result in unauthorized access to sensitive data.
Phoronix, a technology website known for its hardware testing and performance analysis, conducted tests using a newly released microcode from AMD to mitigate the Inception vulnerability. The results of these tests showed significant performance impacts, especially in certain types of applications.
It’s important to note that AMD has already issued a fix for “Family 19h” processors, which are EPYC processors. Phoronix has drummed up benchmarks by utilizing the microcode on AMD’s EPYC 7763, and the results are shocking in some cases.
How does the AMD Inception vulnerability fix affect performance?
Things get pretty in-depth and complicated during this Phoronix benchmark – So we’ll try to summarize and make it more simple to interpret.
Prior to delving into the benchmark results, you will come across various outcomes categorized as “safe RET” and others. To explain, these categories represent levels of “mitigations” introduced by AMD. Some of these mitigations are “kernel-based,” while others exclusively rely on the newly issued microcode, leading to variations in performance.
The impact of the Inception vulnerability mitigation varied across different applications and workloads. In less intensive applications, the performance impact was relatively minor, with little to no noticeable effect on user experience.
The same can be said for gaming applications, such as 3DMARK, the performance hit of the microcode was insignificant compared to the vulnerability it fixes.
However, in more data-intensive applications, such as MariaDB, the performance hit was more severe, exceeding a 50% drop in performance.
It’s important to note that these performance impacts are a common trade-off when addressing security vulnerabilities in CPUs. Mitigations often involve changes to the way the processor operates, which can affect how quickly it performs certain tasks. This trade-off between security and performance is a recurring theme in the technology industry.
Don’t panic – It’s not likely you’re a target
As far as security vulnerabilities go, AMD says malware would be needed to take advantage of the exploit, which it says, for now, has not happened outside of research circles. Nevertheless, mitigating patches are coming. – according to PC Gamer.
The fixes should be better optimized when released for desktop processors, the tiers of fixes released so far for the Epyc CPUs have proven to impact performance significantly. But it’s better to have a slower CPU than a vulnerable one I suppose. We can only wait and see what AMD has in store.
Users should have the option of applying a microcode patch or a full AGESA BIOS update. On the consumer side of things, BIOS’ for mobile and desktop processors are set to roll out this month.