AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

https://www.bleepingcomputer.com/news/security/new-amd-sinkclose-flaw-helps-install-nearly-undetectable-malware/

New AMD SinkClose flaw helps install nearly undetectable malware


Who is actually the attacker and the victim in their threat model?

Aren't CPU vendors trying to keep owners out of rings -1 and -2 on their own hardware?

@kasperd @BleepingComputer
Those rings do not serve the user.
That is all that needs to be said.

@BleepingComputer just what we need, more mitigations to slow our processors down beyond 30%

@BleepingComputer where da AMD bois at?! C'mon, let's hear y'all bash AMD like y'all bash Intel now!

seriously though, this just proves BOTH major CPU manufacturers are ignoring long term security concerns for short term market gains.

it's literally a win win for them because they have a monopoly on the market together. what are you gonna do, go buy a RISC or ARM? good luck finding supported hardware/software. guess you're just going to buy the next gen "x" that has "no vulnerabilities".

@BleepingComputer wait a second… does this mean someone can boot from livecd/separate drive and own your whole device at cpu level in a way that you can’t even easily check? am i reading this right?

@actualwitch @BleepingComputer or they could steal the device? Threat model seems pretty limited.

@BleepingComputer I've said it before on other places but I'll say it again: we should never have tried to go beyond the 68040