Sinkclose Explained

Sinkclose
Cve:CVE-2023-31315
Discovered:Publicly disclosed
Affected Hardware:AMD processors since 2006

Sinkclose is a security vulnerability in certain AMD microprocessors dating back to 2006 that was made public by IOActive security researchers on August 9, 2024.[1] IOActive researchers Enrique Nissim and Krzysztof Okupski presented their findings at the 2024 Def Con security conference in Las Vegas[2] in a talk titled "AMD Sinkclose: Universal Ring-2 Privilege Escalation".

AMD said it would patch all affected Zen-based Ryzen, Epyc and Threadripper processors but initially omitted Ryzen 3000 desktop processors. AMD followed up and said the patch would be available for them as well.[3] AMD said the patches would be released on August 20, 2024.

Mechanism

Sinkclose affects the System Management Mode (SMM) of AMD processors. It can only be exploited by first compromising the operating system kernel. Once effected, it is possible to avoid detection by antivirus software and even compromise a system after the operating system has been re-installed.

External links

Notes and References

  1. Web site: AMD's 'Sinkclose' vulnerability affects hundreds of millions of processors, enables data theft — AMD begins patching issue in critical chip lines, more to follow. Anton Shilov. August 9, 2024. Tom's Hardware.
  2. Web site: Millions of AMD CPUs found vulnerable to 18-year-old 'Sinkclose' deep-system flaw but it's pretty difficult to exploit. Andy Edser. August 12, 2024. PC Gamer.
  3. Web site: Ryzen 3000 fix for 'Sinkclose' vulnerability arrives tomorrow — AMD reverses course and will patch Ryzen 3000 after all. Aaron Klotz. August 19, 2024. Tom's Hardware.

This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Sinkclose".

Except where otherwise indicated, Everything.Explained.Today is © Copyright 2009-2024, A B Cryer, All Rights Reserved. Cookie policy.