@nzmaa@lemy.lol to Technology@lemmy.worldEnglish • 4 months ago‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infectionswww.wired.comexternal-linkmessage-square53fedilinkarrow-up1220arrow-down136cross-posted to: pcgaming@lemmy.cahardware@lemmy.worldtechnology@hexbear.nettechnology@beehaw.orgpulse_of_truth@infosec.pub
arrow-up1184arrow-down1external-link‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infectionswww.wired.com@nzmaa@lemy.lol to Technology@lemmy.worldEnglish • 4 months agomessage-square53fedilinkcross-posted to: pcgaming@lemmy.cahardware@lemmy.worldtechnology@hexbear.nettechnology@beehaw.orgpulse_of_truth@infosec.pub
minus-squareViklinkfedilinkEnglish16•4 months agoThe article links to this: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
minus-squareBlackLaZoRlinkfedilink28•4 months ago it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled. If attacker has a ring 0 access he can already screw you up any way he wants
minus-squareViklinkfedilinkEnglish9•4 months agothat’s all well and good, I was just responding to someone who wanted the list of affected products
minus-squareWHYAREWEALLCAPSlinkfedilink5•4 months agoIt only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that’s how I see it.
minus-square@SzethFriendOfNimi@lemmy.worldlinkfedilinkEnglish5•4 months agoTrue. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
The article links to this:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
If attacker has a ring 0 access he can already screw you up any way he wants
that’s all well and good, I was just responding to someone who wanted the list of affected products
It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that’s how I see it.
The link includes ‘CVE-2023-31315’
True. This does allow for persistent recurring infection post clean and cold boot.
Interesting flaw to keep an eye on.