BleepingComputerAug 9, 2024

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

https://www.bleepingcomputer.com/news/security/new-amd-sinkclose-flaw-helps-install-nearly-undetectable-malware/

New AMD SinkClose flaw helps install nearly undetectable malware

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

BleepingComputer
Show threadAdelaide あで Fisher
@BleepingComputer wait a second… does this mean someone can boot from livecd/separate drive and own your whole device at cpu level in a way that you can’t even easily check? am i reading this right?
Aug 9, 2024 at 9:00pmWeb
Show threadbarunickAug 9, 2024
@actualwitch @BleepingComputer or they could steal the device? Threat model seems pretty limited.