AMD Confirms New 'Sinkclose' Vulnerability Affecting Millions of Users

TapTechNews August 10th news, AMD officially confirmed that there is a new vulnerability named "Sinkclose" in some EPYC and Ryzen processors, with the code "CVE-2023-31315", which may involve millions of AMD users worldwide.

So, what is Sinkclose? According to a report from WIRED, this vulnerability allows intruders to run malicious code in the "system management mode". Allegedly, intruders can use a malicious software called bootkit to control the other party's system, and this malicious software cannot be detected by anti-virus software.

TapTechNews note: The System Management Mode (SMM) is a special CPU working mode, aiming to achieve advanced power management and operating system independent functions, and can provide the same execution environment as the system management interrupt (SMI) handler in the traditional IA-32 architecture, which can only enter through the system management interrupt (SMI) and can only exit by executing the RSM instruction.

AMD's security bulletin shows that including Ryzen 3000 and the first-generation EPYC and newer CPUs are all affected. In response, AMD provides a new firmware and microcode patch to mitigate the impact of "Sinkclose" on various generations of CPUs (but there is no repair plan for the Ryzen 3000 series desktop processors for the time being).

Reference materials: