‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infectionsnzmaa@lemy.lol to Technology@lemmy.world – 183 points – 1 months agowired.com53Post a CommentPreviewYou are viewing a single commentView all commentsShow the parent commentThe article links to this: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled. If attacker has a ring 0 access he can already screw you up any way he wantsthat's all well and good, I was just responding to someone who wanted the list of affected productsIt only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.The link includes 'CVE-2023-31315'True. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
The article links to this: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled. If attacker has a ring 0 access he can already screw you up any way he wantsthat's all well and good, I was just responding to someone who wanted the list of affected productsIt only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.The link includes 'CVE-2023-31315'True. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled. If attacker has a ring 0 access he can already screw you up any way he wantsthat's all well and good, I was just responding to someone who wanted the list of affected productsIt only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.The link includes 'CVE-2023-31315'True. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
that's all well and good, I was just responding to someone who wanted the list of affected productsIt only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.The link includes 'CVE-2023-31315'
It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.The link includes 'CVE-2023-31315'
True. This does allow for persistent recurring infection post clean and cold boot. Interesting flaw to keep an eye on.
The article links to this:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html
If attacker has a ring 0 access he can already screw you up any way he wants
that's all well and good, I was just responding to someone who wanted the list of affected products
It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.
The link includes 'CVE-2023-31315'
True. This does allow for persistent recurring infection post clean and cold boot.
Interesting flaw to keep an eye on.