1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • AMD confirms some Zen 5 CPUs have a worrying security flaw that c

    From TechnologyDaily@1337:1/100 to All on Tue Nov 4 17:15:07 2025
    AMD confirms some Zen 5 CPUs have a worrying security flaw that could put users at risk

    Date:
    Tue, 04 Nov 2025 17:03:00 +0000

    Description:
    AMD finds a vulnerability in the RDSEED hardware-based random number generator.

    FULL STORY ======================================================================AMD Zen 5 chips have a flaw in RDSEED which risks cryptographic key integrity Faulty RDSEED may return zeroes, enabling attackers to reconstruct private keys and break encryption AMD advises fallback to 64-bit RDSEED or software alternatives

    Some AMD processors, including those built on the latest Zen 5 architecture, carry a critical vulnerability which affects cryptographic operations and
    thus puts the integrity of protected data at serious risk.

    In a security bulletin, AMD detailed a flaw labeled as AMD-SB-7055,
    describing it as a vulnerability in the RDSEED hardware-based random number generator.

    On affected chips, the 16-bit and 32-bit forms of the RDSEED instruction may return 0 at a rate thats not entirely random while, at the same time,
    labeling the process as a success. In theory, if a company runs a server that generates cryptographic keys for encrypting customer data, and the software running on that server uses RDSEED instructions to get random numbers
    directly from the chip, the instruction might return all zeroes. Patches and mitigations

    Even though it obviously isnt all random, it would still signal that it succeeded, raising absolutely no red flags.

    As a result, attackers who obtain one of the public keys can mathematically reconstruct or guess the private key, breaking encryption or impersonating
    the company, meaning encrypted customer records, API tokens, or even software-update signatures could be forged or decrypted.

    Mitigations and patches are already in the works. By January 2026, depending on the CPU, most should have been mitigated.

    Fixes for AMD's consumer-based Zen 5 chips, including the Ryzen 9000 series, AI Max 300 series, Threadripper 9000 series, and Ryzen Z2 series, are coming out on November 25.

    AMD added it should have the necessary AGESA microcode updates out soon to rectify this issue across all Zen 5 CPUs.

    If youre running chips that dont have a working mitigation just yet, AMD recommends you switch back to its unaffected 64-bit form of RDSEED, or move
    to a software failback until it is released.

    Via Tom's Hardware

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/amd-confirms-some-zen-5-cpus-have-a-wor rying-security-flaw-that-could-put-users-at-risk


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)