AMD EPYC and Ryzen processors have a vulnerability called “Sinkclose” that could potentially affect millions of processors worldwide. Attackers could exploit the vulnerability to steal data or embed their own code into the system. The issue appears to have been present in AMD processors for over a decade, and was revealed at the Defcon hacker conference by security firm IOActive.
The “Sinkclose” vulnerability allows attackers to run their malicious code on AMD processors when they are in “System Management Mode”. However, to insert a piece of code, hackers must gain deep access to an AMD-based PC or server. To gain control of the system, attackers can use malware called a “bootkit”, which is not detected by antivirus software.
AMD has released a new bulletin security advisory that addresses the vulnerability. It also published a comprehensive list of processors that are affected. This includes Ryzen 3000 and above, as well as 1st Gen EPYC and above server processors. AMD is also offering firmware and microcode patches to mitigate the impact on various processor generations. All Ryzen and EPYC families are available for mitigation, with the exception of the older Ryzen 3000 Desktop family, which is based on the Zen 2 core architecture.
Source:
Wccftech