Sinkclose
   HOME

TheInfoList



Click Here for Items Related To - Sinkclose
OR:
Sinkclose on:   [Wikipedia]   [Google]   [Amazon]

Sinkclose is a
security vulnerability Vulnerabilities are flaws or weaknesses in a system's design, implementation, or management that can be exploited by a malicious actor to compromise its security. Despite a system administrator's best efforts to achieve complete correctness, vir ...
in certain
AMD Advanced Micro Devices, Inc. (AMD) is an American multinational corporation and technology company headquartered in Santa Clara, California and maintains significant operations in Austin, Texas. AMD is a hardware and fabless company that de ...
microprocessor A microprocessor is a computer processor (computing), processor for which the data processing logic and control is included on a single integrated circuit (IC), or a small number of ICs. The microprocessor contains the arithmetic, logic, a ...
s dating back to 2006 that was made public by
IOActive IOActive is an independent computer security services firm active in several areas. They are known for reporting high severity security vulnerabilities in a variety of products. IOActive has published research on smart cities A smart city ...
security researchers on August 9, 2024. IOActive researchers Enrique Nissim and Krzysztof Okupski presented their findings at the 2024
DEF CON DEF CON (also written as DEFCON, Defcon, or DC) is a Computer security conference, hacker convention held annually in Las Vegas Valley, Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include comp ...
security conference in Las Vegas in a talk titled "AMD Sinkclose: Universal Ring-2 Privilege Escalation". AMD said it would patch all affected Zen-based
Ryzen Ryzen ( ) is a brand of multi-core x86-64 microprocessors, designed and marketed by AMD for desktop, mobile, server, and embedded platforms, based on the Zen microarchitecture. It consists of central processing units (CPUs) marketed for mai ...
,
Epyc Epyc (stylized as EPYC) is a brand of multi-core x86-64 microprocessors designed and sold by AMD, based on the company's Zen microarchitecture. Introduced in June 2017, they are specifically targeted for the server and embedded system market ...
and
Threadripper Threadripper, or Ryzen Threadripper, is a brand of HEDT (high-end desktop) and workstation multi-core x86-64 microprocessors designed and marketed by Advanced Micro Devices (AMD), and based on the Zen microarchitecture. It consists of central pro ...
processors but initially omitted Ryzen 3000 desktop processors. AMD followed up and said the patch would be available for them as well. AMD said the patches would be released on August 20, 2024.


Mechanism

Sinkclose affects the
System Management Mode System Management Mode (SMM, sometimes called ring −2 in reference to protection rings) is an operating mode of x86 central processor units (CPUs) in which all normal execution, including the operating system, is suspended. An alternat ...
(SMM) of AMD processors. It can only be exploited by first compromising the
operating system kernel A kernel is a computer program at the core of a computer's operating system that always has complete control over everything in the system. The kernel is also responsible for preventing and mitigating conflicts between different processes. It is ...
. Once the exploit is effected, it is possible to avoid detection by antivirus software and even compromise a system after the operating system has been re-installed.


References


External links


IOActive announcement

NIST page on CVE-2023-31315
{{Hacking in the 2020s 2024 in computing AMD Computer security exploits X86 architecture