SQUIP, which stands for Scheduler Queue Usage through Interference Probing, is a new CPU vulnerability found by security experts. This new security weakness has been discovered in Apple M1 CPUs and AMD Zen-based Ryzen chips, among others.

The issue is tied to different multi-level scheduling queues, whereas Intel utilizes a single scheduler and is hence not vulnerable to SQUIP.  AMD models using simultaneous multi-threading technology (SMT or simultaneous multi-threading) are impacted, which includes practically all AMD CPU types with the exception of a few. AMD is aware of the issue and has produced a report with the acronym and numbers CVE-2021-46778 that explains the presence of the processor vulnerability.

Separate multi-level scheduling queues may result in a side-channel vulnerability discovered in AMD CPU microarchitectures codenamed "Zen 1," "Zen 2," and "Zen 3," which employ simultaneous multithreading (SMT). An attacker might disclose sensitive information by monitoring the congestion in scheduling queues.

AMD advises software developers to utilize established best practices to prevent this issue. Furthermore, we would have to disable SMT (Simultaneous Multi-Threading), which would immediately degrade the speed of our CPU and PC. This instantly reduces performance.

QUIP affects all other Ryzen, Athlon, Threadripper, and EPYC processors with SMT. Excluding Ryzen  1, 2 and 3

Meanwhile, the Apple M1 is susceptible to SQUIP. Interestingly, there has been no mention of the M2, which might indicate that the problem has been handled on the latter.

Newer AMD Ryzen chips have SQUIP vulnerably