home.social

#sinkclose — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sinkclose, aggregated by home.social.

  1. Security Alert: AMD Sinkclose vulnerability

    A very serious vulnerability, albeit one that is difficult to exploit (it requires kernel access), has been found in AMD CPUs. The flaw affects practically all CPUs from the last 18 years. kantel.github.io/posts/2024082 #Update #Security #AMD #Sinkclose #Linux

  2. This #sinkclose flaw seems to be treated very lightly by #AMD. They are offering fixes... but not for the Ryzen 3000?? Is this a bad joke, or am I missing some context?

    Via @nextinpact next.ink/146424/sinkclose-tous

  3. #AMD Issues Updates for Silicon-Level 'SinkClose' Processor Flaw

    SinkClose flaw in SMM on AMD EPYC (data center chips) and various Ryzen models can allow a threat actor to drop #malware deep enough in a system that the operating system or the hypervisor wouldn’t be able to detect it.

    Attackers require kernel-level access to exploit this; but put into context, kernel-level access is a substantial pwn in itself. Chances are even before an attacker could obtain kernel-level access, you’d already have major problems.

    AMD has issued #firmware updates and mitigations for various models.

    #cybersecurity #infosec #sinkclose

    darkreading.com/remote-workfor

  4. Patched my desktop PC for the Sinkclose (CVE-2023-31315) AMD CPU hardware vulnerability.

    Of course, as always, the MSI firmware upgrade nuked my Linux boot loader out of the EFI, and I had to use a USB live medium to manually fix that using grub-install ...

    #linux #msi #bios #update #security #cve_2023_31315 #sinkclose

  5. Anyone got any more detail of the #amd #sinkclose bug?
    I found a 'redacted' version of the Defcon PDF; it seems to be suggesting poking the 'top of memory' MSR and then getting the hardware confused between PCI/RAM/etc - but most of the slides are missing:

    media.defcon.org/DEF%20CON%203

  6. #CyberSecurity #AMD #Sinkclose #ComputerBugs #Vulnerability: "Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it.

    At the Defcon hacker conference, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose. The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier."

    arstechnica.com/security/2024/

  7. @heiseonline, however, correctly puts into perspective how serious #sinkclose is:

    "A comparable flaw led, in May 2015, to the complete replacement of the Bundestag's hardware, as heise online reported. At the time, attackers had infected computers in numerous parliamentary offices with spyware, including machines in the Bundestag office of Chancellor Angela Merkel (CDU)."

    That might be appropriate this time too, because Wired quotes the discoverers of the vulnerability as follows:

    “Imagine nation-state hackers or whoever wants to persist on your system. Even if you wipe your drive clean, it's still going to be there,” says Okupski. “It's going to be nearly undetectable and nearly unpatchable.” Only opening a computer's case, physically connecting directly to a certain portion of its memory chips with a hardware-based programming tool known as SPI Flash programmer and meticulously scouring the memory would allow the malware to be removed, Okupski says.

    Nissim sums up that worst-case scenario in more practical terms: “You basically have to throw your computer away.”

  8. Flaw in Hundreds of Millions of Chips Allows Deep, Virtually Unfixable Infections

    wired.com/story/amd-chip-sinkc

  9. ‘#Sinkclose’ Flaw in Hundreds of Millions of #AMD Chips Allows Deep, Virtually Unfixable Infections

    Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer
    —and that it has persisted in the company’s processors for decades.

    The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor,
    known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware.

    IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier.

    wired.com/story/amd-chip-sinkc

  10. what is happening with all the processors? why is there every month a new devastating vulnerability?
    #intel #amd #sinkclose

  11. There is a flaw in processors that allows attackers who have already obtained kernel privileges to embed themselves permanently in the system. In doing so they operate at a level below the hypervisor or kernel and thus remain hidden from the operating system and malware scanners. Reinstalling the operating system is not enough to remove the code, because malicious code persisted in this way resides in the layers beneath it.

    Attackers first need a vulnerability that allows code to be executed with kernel privileges on the processor. Only then can they use the new flaw to anchor code even deeper in the system.

    golem.de/news/sinkclose-trifft

    #itsicherheit #itsecurity #infosec #sinkclose #CVE-2023-31315

  12. Almost unfixable “Sinkclose” bug affects hundreds of millions of AMD chips - Security flaws in your computer's firmware, the deep-seated code that loads first ... - arstechnica.com/?p=2042298 #syndication #sinkclose #security #amd #cpu

  13. The motherboard has a hardware reprogrammer, so I will update it that way once the fix for #sinkclose is available.

  14. #sinkclose, a vulnerability that has come of age without anyone knowing about it.

    tomshardware.com/pc-components

    Old processors will not receive a patch in UEFI or BIOS (amd.com/en/resources/product-s).

    The thing is, I go to check the motherboard's UEFI updates and see that a new version is available, but it is not for this flaw. It is for another one, CVE-2024-36877 (github.com/jjensn/CVE-2024-368), which also affects #SMM mode.

    So another update that fixes sinkclose, CVE-2023-31315, still has to come out.

    Damn, what luck.

    These vulnerabilities require full access to the operating system, at which point the attacker can do whatever they like, for example try to get into hardware-protected areas and gain persistence by writing to the firmware, which is what these two vulnerabilities are about.

  15. AMD Sinkclose: Universal Ring -2 Privilege Escalation

    When researching the AMD processor, our team noticed a flaw in one of the critical components required for securing SMM. This silicon-level issue appears to have remained undetected for nearly two decades.

    ioactive.com/event/def-con-tal

    amd.com/en/resources/product-s

    #AMD #SMM #Sinkclose