nzmaa@lemy.lol to Technology@lemmy.worldEnglish · 10 个月前‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infectionswww.wired.comexternal-linkmessage-square53fedilinkarrow-up1209arrow-down133cross-posted to: pcgaming@lemmy.capcmasterrace@lemmit.onlinehardware@lemmy.worldtechnology@hexbear.nettechnology@beehaw.orgtechnology@lemmy.mlpulse_of_truth@infosec.pub
arrow-up1176arrow-down1external-link‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infectionswww.wired.comnzmaa@lemy.lol to Technology@lemmy.worldEnglish · 10 个月前message-square53fedilinkcross-posted to: pcgaming@lemmy.capcmasterrace@lemmit.onlinehardware@lemmy.worldtechnology@hexbear.nettechnology@beehaw.orgtechnology@lemmy.mlpulse_of_truth@infosec.pub
minus-squareVik@lemmy.worldlinkfedilinkEnglisharrow-up15·10 个月前The article links to this: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
minus-squareBlackLaZoR@kbin.runlinkfedilinkarrow-up29arrow-down2·10 个月前 it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled. If attacker has a ring 0 access he can already screw you up any way he wants
minus-squareVik@lemmy.worldlinkfedilinkEnglisharrow-up9·10 个月前that’s all well and good, I was just responding to someone who wanted the list of affected products
minus-squareWHYAREWEALLCAPS@fedia.iolinkfedilinkarrow-up4·10 个月前It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that’s how I see it.
minus-squareSzethFriendOfNimi@lemmy.worldlinkfedilinkEnglisharrow-up5·10 个月前True. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
The article links to this:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
If attacker has a ring 0 access he can already screw you up any way he wants
that’s all well and good, I was just responding to someone who wanted the list of affected products
It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that’s how I see it.
The link includes ‘CVE-2023-31315’
True. This does allow for persistent recurring infection post clean and cold boot.
Interesting flaw to keep an eye on.