AMD Zen 1~5全系CPU曝出StackWarp漏洞

市场资讯

Jan 17

（来源：IT之家）IT之家 1 月 17 日消息，科技媒体 cyberkendra 昨日（1 月 16 日）发布博文，报道称 CISPA 亥姆霍兹中心的研究人员披露名为 StackWarp 的高危硬件漏洞，该漏洞波及 AMD 自 2017 年 Zen 1 至 2024 年 Zen 5 的全系处理器。IT之家援引博文介绍，StackWarp 利用了堆栈引擎（一项性能优化功能）中的同步故障，操控一个...

Source Link

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2604486989"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2604486989\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2604486989?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2026-01-17 09:49","share_image_url":"https://static.laohu8.com/9a95c1376e76363c1401fee7d3717173","id":"2604486989","market":"us","top_or_hot":-1,"title":"AMD Zen 1~5全系CPU曝出StackWarp漏洞","media":"市场资讯","content":"<div>\n<p>（来源：IT之家）IT之家 1 月 17 日消息，科技媒体 cyberkendra 昨日（1 月 16 日）发布博文，报道称 CISPA 亥姆霍兹中心的研究人员披露名为 StackWarp 的高危硬件漏洞，该漏洞波及 AMD 自 2017 年 Zen 1 至 2024 年 Zen 5 的全系处理器。IT之家援引博文介绍，StackWarp 利用了堆栈引擎（一项性能优化功能）中的同步故障，操控一个...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260117095940a4cded18&s=b\">Source Link</a>\n\n</div>\n","source":"tencent","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>AMD Zen 1~5全系CPU曝出StackWarp漏洞</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nAMD Zen 1~5全系CPU曝出StackWarp漏洞\n</h2>\n\n<h4 class=\"meta\">\n\n\n2026-01-17 09:49 北京时间&nbsp;&nbsp;&nbsp;<a href=http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260117095940a4cded18&s=b><strong>市场资讯</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>（来源：IT之家）IT之家 1 月 17 日消息，科技媒体 cyberkendra 昨日（1 月 16 日）发布博文，报道称 CISPA 亥姆霍兹中心的研究人员披露名为 StackWarp 的高危硬件漏洞，该漏洞波及 AMD 自 2017 年 Zen 1 至 2024 年 Zen 5 的全系处理器。IT之家援引博文介绍，StackWarp 利用了堆栈引擎（一项性能优化功能）中的同步故障，操控一个...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260117095940a4cded18&s=b\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"LU1242518931.SGD","symbol_name":"Fullerton Lux Funds - Asia Absolute Alpha A Acc SGD","start_time":0,"source_url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260117095940a4cded18&s=b","article_id":"2604486989","we_media_id":null,"thumbnails":[],"rights":{"source":"tencent","url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260117095940a4cded18&s=b","rn_cache_url":null,"customStyle":"body{padding-top:10px;}#news_title{font-weight:bold;#titleStyle#;}#news_description span{font-size:12px;#descriptionStyle#;}.footer-note{#statement#}","selectors":".mod-LoadTzbdNews, body","filters":".relate-stock, .hot-list, .recom-box, .wx-sou","directOrigin":true},"url":"https://stock-news.laohu8.com/highlight/detail?id=2604486989","pubTimestamp":1768614540,"columns":[],"sourceInfo":{"source_id":"tencent","name":"腾讯"},"weMediaInfo":null,"summary":"IT之家 1 月 17 日消息，科技媒体 cyberkendra 昨日发布博文，报道称 CISPA 亥姆霍兹中心的研究人员披露名为 StackWarp 的高危硬件漏洞，该漏洞波及 AMD 自 2017 年 Zen 1 至 2024 年 Zen 5 的全系处理器。IT之家援引博文介绍，StackWarp 利用了堆栈引擎中的同步故障，操控一个未公开的模型特定寄存器控制位，该控制位用于启用或禁用堆栈指针跟踪。研究人员通过演示证实了 StackWarp 的破坏力。AMD 目前已确认该漏洞，并分配了 CVE-2025-29943 编号，同时向企业客户发布了微码补丁。","collect":0,"end_time":0,"defaultTopTitle":"qq.com","property":[],"viewcount":null,"language":"zh","relate_stocks":{"LU1242518931.SGD":"Fullerton Lux Funds - Asia Absolute Alpha A Acc SGD","LU1951200564.SGD":"Natixis Thematics AI & Robotics Fund R/A SGD","LU0127658192.USD":"EASTSPRING INVESTMENTS GLOBAL TECHNOLOGY \"A\" (USD) ACC","LU0274383776.USD":"MANULIFE GF US SMALL CAP EQUITY \"AA\" (USD) INC","LU0082616367.USD":"摩根大通美国科技A（dist）","LU2089985449.USD":"MANULIFE GF GLOBAL SEMICONDUCTOR OPPORTUNITIES \"AA\" (USD) ACC","LU2360106780.USD":"BGF WORLD TECHNOLOGY \"A4\" (USD) INC","LU2355687059.USD":"NORDEA 1 GLOBAL IMPACT  \"BP\" (USD) ACC","IE0009356076.USD":"JANUS HENDERSON GLOBAL TECHNOLOGY AND INNOVATION \"A2\" (USD) ACC","LU0719512351.SGD":"JPMorgan Funds - US Technology A (acc) SGD","LU1803068979.SGD":"FTIF - Franklin Technology A (acc) SGD-H1","BK4573":"虚拟现实","LU2931357623.SGD":"MANULIFE GF GLOBAL SEMICONDUCTOR OPPORTUNITIES \"AA\" (SGDHDG) ACC","LU0979878070.USD":"FULLERTON LUX FUNDS - ASIA ABSOLUTE ALPHA \"A\" (USD) ACC","LU1923623000.USD":"Natixis Thematics AI & Robotics Fund R/A USD","BK4554":"元宇宙及AR概念","LU1989764664.SGD":"CPR Invest - Global Disruptive Opportunities A2 Acc SGD-H","IE00BMPRXR70.SGD":"Neuberger Berman 5G Connectivity A Acc SGD-H","BK4532":"文艺复兴科技持仓","BK4512":"苹果概念","BK4543":"AI","IE00BMPRXN33.USD":"NEUBERGER BERMAN 5G CONNECTIVITY \"A\" (USD) ACC","LU0198837287.USD":"UBS (LUX) EQUITY SICAV - USA GROWTH \"P\" (USD) ACC","LU0081259029.USD":"UBS (LUX) EQUITY FUND - TECH OPPORTUNITY \"P\" (USD) ACC","BK4585":"ETF&股票定投概念","LU1861559042.SGD":"日兴方舟颠覆性创新基金B SGD","IE00B5949003.HKD":"JANUS HENDERSON GLOBAL TECHNOLOGY AND INNOVATION \"A\" (HKD) ACC","BK4141":"半导体产品","BK4534":"瑞士信贷持仓","LU0823434740.USD":"BNP PARIBAS US GROWTH \"C\" (USD) INC","LU2264538146.SGD":"Fullerton Lux Funds - Global Absolute Alpha A Acc SGD","LU0889565833.HKD":"FRANKLIN TECHNOLOGY \"A\" (HKD) ACC","BK4529":"IDC概念","BK4575":"芯片概念","LU0823421333.USD":"BNP PARIBAS DISRUPTIVE TECHNOLOGY \"C\" (USD) ACC","LU2054465674.USD":"UBS (LUX) KEY SELEC SICAV DIGITAL TRANSFORMATION T \"P\" (USD) ACC","BK4566":"资本集团","LU0390134368.USD":"FRANKLIN GLOBAL GROWTH \"A\" (USD) ACC","LU1303367103.USD":"摩根大通多经理另类基金 A (acc)","LU0056508442.USD":"贝莱德世界科技基金A2","BK4588":"碎股","LU1242518857.USD":"FULLERTON LUX FUNDS - ASIA ABSOLUTE ALPHA \"I\" (USD) ACC","LU0823421416.USD":"BNP PARIBAS DISRUPTIVE TECHNOLOGY \"C\" (USD) INC","LU1316542783.SGD":"Janus Henderson Horizon Global Technology Leaders A2 SGD","LU2098885051.SGD":"JPMorgan Funds - Multi-Manager Alternatives A (acc) SGD","LU1852331112.SGD":"Blackrock World Technology Fund A2 SGD-H","BK4612":"AI芯片","LU2458330169.SGD":"FRANKLIN SHARIAH TECHNOLOGY \"A\" (SGD) ACC","LU1880398554.USD":"AMUNDI FUNDS GLOBAL EQUITY \"A2\" (USD) INC","LU1880398471.USD":"AMUNDI FUNDS GLOBAL EQUITY \"A2\" (USD) ACC","BK4614":"Manus概念股","AMD":"美国超微公司","LU1064131342.USD":"Fullerton Lux Funds - Global Absolute Alpha A Acc USD","LU2458330243.SGD":"FRANKLIN SHARIAH TECHNOLOGY \"A-H1\" (SGDHDG) ACC","LU2250418816.HKD":"BGF WORLD TECHNOLOGY \"A\" (HKD) ACC","LU0823434583.USD":"BNP PARIBAS US GROWTH \"C\" (USD) ACC","IE0004445239.USD":"JANUS HENDERSON US FORTY \"A2\" (USD) ACC","BK4605":"半导体精选","LU1951198990.SGD":"Natixis Thematics AI & Robotics Fund H-R/A SGD-H","LU1861558580.USD":"日兴方舟颠覆性创新基金B","LU1988902786.USD":"FULLERTON LUX FUNDS GLOBAL ABSOLUTE ALPHA \"I\" (USD) ACC","LU0109392836.USD":"富兰克林科技股A","LU0642271901.SGD":"Janus Henderson Horizon Global Technology Leaders A2 SGD-H"},"translate_title":"StackWarp vulnerability exposed to all AMD Zen 1 ~ 5 CPUs","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"AMD":1.91},"content_text":"（来源：IT之家）IT之家 1 月 17 日消息，科技媒体 cyberkendra 昨日（1 月 16 日）发布博文，报道称 CISPA 亥姆霍兹中心的研究人员披露名为 StackWarp 的高危硬件漏洞，该漏洞波及 AMD 自 2017 年 Zen 1 至 2024 年 Zen 5 的全系处理器。IT之家援引博文介绍，StackWarp 利用了堆栈引擎（一项性能优化功能）中的同步故障，操控一个未公开的模型特定寄存器（MSR 0xC0011029）控制位，该控制位用于启用或禁用堆栈指针跟踪。恶意的云提供商可以通过 CPU 线程切换该控制位，引发连锁反应，影响运行加密虚拟机的同级线程。这种操作会让 CPU “冻结”堆栈指针的架构更新。在攻击者重新启用引擎后，累积的偏移量会瞬间“释放”，导致堆栈指针发生高达 640 字节的确定性位移。值得注意的是，这种攻击无需访问访客明文或注入中断，完全避开了传统安全监控。研究人员通过演示证实了 StackWarp 的破坏力。在加密操作过程中，攻击者仅需通过精准的堆栈操控破坏一个签名，即可提取出 RSA-2048 私钥。此外，攻击者还能利用该漏洞将堆栈移动 32 个字节，直接跳过 OpenSSH 的密码验证环节，或者通过破坏系统调用的返回值，将普通用户权限提升至 Root 级。这意味着，原本被企业视为“数据保险箱”的机密计算环境，可能已沦为攻击者的后花园。AMD 目前已确认该漏洞，并分配了 CVE-2025-29943 编号，同时向企业客户发布了微码补丁。然而，在硬件级修复方案随下一代处理器问世前，现有的临时解决方案代价高昂。为了彻底阻断攻击路径，用户需要禁用同步多线程（SMT / 超线程）技术。这一操作虽然有效，但会直接导致可用 CPU 核心数减半，迫使企业在保障数据安全与维持计算性能之间做出痛苦的抉择。IT之家附上参考地址","kind":"news","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"-2","news_tag":"policyRegulatory","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}