Recent years have brought microarchitectural security intothe spotlight, proving that modern CPUs are vulnerable toseveral classes of microarchitectural attacks. These attacksbypass the basic isolation primitives provided by the CPUs:process isolation, memory permissions, access checks, andso on. Nevertheless, most of the research was focused on In-tel CPUs, with only a few exceptions. As a result, few vulner-abilities have been found in other CPUs, leading to specula-tions about their immunity to certain types of microarchi-tectural attacks. In this paper, we provide a black-box anal-ysis of one of these under-explored areas. Namely, we inves-tigate the flaw of AMD CPUs which may lead to a transientexecution hijacking attack. Contrary to nominal immunity,we discover that AMD Zen family CPUs exhibit transient ex-ecution patterns similar for Meltdown/MDS. Our analysisof exploitation possibilities shows that AMDs design deci-sions indeed limit the exploitability scope comparing to In-tel CPUs, yet it may be possible to use them to amplify othermicroarchitectural attacks.

翻译：近些年来,微科学安全受到关注,这证明现代CPU易受到几类微科学攻击的伤害。这些攻击绕过CPU提供的基本隔离原始物质:处理孤立、记忆许可、访问检查等等。然而,大多数研究都集中在情报部门CPU,只有少数例外。结果在其他CPU中发现,几乎没有脆弱性,导致对自身豁免的预估与某些类型的微科学构造攻击相似。在本文中,我们提供的是这些探索不足的地区之一的黑盒肛门反常。也就是说,我们渗透了AMD CPU的缺陷,这可能导致中度劫持攻击攻击攻击,但与名义豁免相反,我们发现AMD Z家庭CPU展示了类似于MDDD/MDS的中位前受迫害模式。我们对开发可能性的分析显示,AMDFDD-Devision 设计C-devention可能限制C-devolutions的可探索性。