'SinkClose' AMD CPU vulnerability explained: How dangerous is it really?
The recently disclosed 'SinkClose' vulnerability, officially designated CVE-2023-31315, has raised concerns across the tech community because of its potential impact on AMD processors manufactured since 2006. The flaw, unveiled by security researchers Enrique Nissim and Krzysztof Okupski from IOActive at the Defcon hacker convention, affects a wide range of AMD's processor families, including EPYC, Ryzen, and Threadripper.

With a Common Vulnerability Scoring System (CVSS) score of 7.5, SinkClose is considered a serious threat. It allows attackers who already have kernel-level access to escalate privileges to System Management Mode (SMM), a highly privileged CPU state, potentially enabling the installation of undetectable malware.

Despite the severity of the vulnerability, the risk to individual PCs is mitigated by the requirement for kernel-level access: the high effort for low reward makes them an unlikely target for hackers. Servers, data centers, and cloud infrastructures, however, are at higher risk.

AMD has responded by releasing security updates for its newer and most powerful processors, including EPYC data center processors and the latest Ryzen models. Unfortunately, older and still widely used chips such as the Ryzen 3000, 2000, and 1000 series will not receive patches.

To mitigate the risk, users are advised to update their system's BIOS with the latest AMD patches, keep their systems protected with system updates, use strong passwords, and enable two-factor authentication (2FA). For those using older, unpatched processors in critical environments, it may be prudent to consider upgrading to newer hardware. This proactive approach to cybersecurity can help safeguard against potential exploits leveraging the SinkClose vulnerability.

CVEs: CVE-2023-31315

[View Article](https://www.zdnet.com/article/sinkclose-amd-cpu-vulnerability-explained-how-dangerous-is-it-really/)