AMD confirms some Zen 5 CPUs have a worrying security flaw that could put users at risk

News
By published

What happens when random keys are no longer that random?

AMD logo
(Image credit: Shutterstock / JHVEPhoto)
  • AMD Zen 5 chips have a flaw in RDSEED which risks cryptographic key integrity
  • Faulty RDSEED may return zeroes, enabling attackers to reconstruct private keys and break encryption
  • AMD advises fallback to 64-bit RDSEED or software alternatives

Some AMD processors, including those built on the latest Zen 5 architecture, carry a critical vulnerability which affects cryptographic operations and thus puts the integrity of protected data at serious risk.

In a security bulletin, AMD detailed a flaw labeled as “AMD-SB-7055”, describing it as a vulnerability in the RDSEED hardware-based random number generator.

On affected chips, the 16-bit and 32-bit forms of the RDSEED instruction may return “0” at a rate that’s not entirely random while, at the same time, labeling the process as a success. In theory, if a company runs a server that generates cryptographic keys for encrypting customer data, and the software running on that server uses RDSEED instructions to get random numbers directly from the chip, the instruction might return all zeroes.

Patches and mitigations

Even though it obviously isn’t all random, it would still signal that it succeeded, raising absolutely no red flags.

As a result, attackers who obtain one of the public keys can mathematically reconstruct or guess the private key, breaking encryption or impersonating the company, meaning encrypted customer records, API tokens, or even software-update signatures could be forged or decrypted.

Mitigations and patches are already in the works. By January 2026, depending on the CPU, most should have been mitigated.

Fixes for AMD's consumer-based Zen 5 chips, including the Ryzen 9000 series, AI Max 300 series, Threadripper 9000 series, and Ryzen Z2 series, are coming out on November 25.

AMD added it should have the necessary AGESA microcode updates out “soon” to rectify this issue across all Zen 5 CPUs.

If you’re running chips that don’t have a working mitigation just yet, AMD recommends you switch back to its unaffected 64-bit form of RDSEED, or move to a software failback until it is released.

Via Tom's Hardware

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.