AMD has been rolling out updates to its Zen processors to mitigate the inception vulnerability that was discovered recently. However, it appears that there’s catch.
The Linux website Phoronix has been benchmarking the CPUs post update and the results are not good news for performance: in some cases, tasks were 54% slower than those run on unpatched chips.
Some apps, such as 7zip, Blender, and Firefox, didn’t take too much of a hit, although 7Zip performed the worst out of the three. However, industry-grade software appeared to suffer much more.
For instance, database app MariaDB performed much worse on patched Epyc server processors. Other applications related to code compilation, engineering, and image processing were also similarly impacted.
AMD has been patching its affected chips in three different ways: some have kernel-based mitigation, some have new microcode, and others have Indirect Branch Prediction Barrier (IBPB) mitigation applied. The latter is considered the most secure fix, but also most often responsible for the worst slowdowns.
This isn’t the first time a major CPU flaw has caused problems. Intel had the infamous Meltdown/ Spectre flaws in many of its processors – and AMD was affected partially too – which let threat actors read system memory and gain valuable information, such as passwords and encryption keys.
In trying to fix the problem with a firmware patch, Intel unwittingly made systems borderline unusable, causing spontaneous reboots and instability issues. It then issued a directive to all involved in the supply chain of its chips, including end-users, not to download the patch.
More recently, both CPU titans were found to have another security problem in their respective products, similar to Meltdown and Spectre, called Retbleed, which let abusers access kernel memory. Again, fixing this issue means inevitably slowing down the chips’ performance.