BleepingComputerAug 9, 2024

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

https://www.bleepingcomputer.com/news/security/new-amd-sinkclose-flaw-helps-install-nearly-undetectable-malware/

New AMD SinkClose flaw helps install nearly undetectable malware

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable.

BleepingComputer
Show threadkasperdAug 9, 2024

Who is actually the attacker and the victim in their threat model?

Aren't CPU vendors trying to keep owners out of rings -1 and -2 on their own hardware?

Show threadRudimentary Pancake Assembler
@kasperd @BleepingComputer
Those rings do not serve the user.
That is all that needs to be said.
Aug 10, 2024 at 12:08amWeb