New Ryzen Chipset Driver Patches Security Vulnerabilities

A new Ryzen Chipset Driver update was released yesterday, version 3.08.17.735, that patches “critical security flaws” in the Platform Security Processor driver. AMD has not revealed the exact details of the security flaws that were patched, but we presume they could be related to a couple of current AMD flaws.

Right now, AMD has two vulnerabilities affecting all Ryzen based CPUs listed on AMD’s website. One of these includes a Speculative code store bypass and floating-point value injection vulnerability, which can cause Ryzen CPUs to leak data when processing overwritten instructions when the CPU processes incorrect floating point numbers. The second vulnerability also relates to data leakage, called the Transient Execution of Non-canonical Accesses. This vulnerability can allow data leakage when the CPU executes a non-canonical load and stores those numbers with just 48 address bits or lower.