"Sinkclose" Vulnerability Affects Every AMD CPU Dating Back to 2006

Qwerty101 · Aug 12, 2024

This is getting ridiculous!

AMD and Intel both working against the second hand market and product longevity. Completely by accident of course…….

Intel: Your second hand PC might have a faulty CPU, that starts to fail due to mysterious degradation.

AMD: Your second hand PC might be compromised in a stealth mode, where no clean OS reinstall will help you.

R-T-B · Aug 12, 2024

Qwerty101 said:
This is getting ridiculous!

AMD and Intel both working against the second hand market and product longevity. Completely by accident of course…….

Intel: Your second hand PC might have a faulty CPU, that starts to fail due to mysterious degradation.

AMD: Your second hand PC might be compromised in a stealth mode, where no clean OS reinstall will help you.

Just install the bios update and forget about it. Seriously. This isn't some grand conspiracy.

Although, it is pretty bad they drop support for 3000 and below, admitedly, but thats an AMD exclusive thing, pretty much...

RJARRRPCGP · Aug 12, 2024

jpvalverde85 said:
There are Zen2 processors that will get the upgrade

Matisse is Zen 2. So that means lots of chips bought during the very-early pandemic, are considered obsolete now!

R-T-B said:
Rootkits are not the same as ring -2. They typically cannot survive a reinstall.

Yeah, ones that survive a drive wipe, are a BIOS-rootkit!

Visible Noise · Aug 12, 2024

What people are missing is because of the incompleteness of this article.

This vulnerability - which AMD themselves have rated as high severity - allows undetectable persistence of UEFI malware. Once that occurs it’s throw out the machine time.

RJARRRPCGP · Aug 12, 2024

Visible Noise said:
allows undetectable persistence of UEFI malware. Once that occurs it’s throw out the machine time.

That's what the Coffee Lake-and-earlier CSME bug was, and I have been wondering if just a packet received while connected to the internet, results in a contaminated UEFI-BIOS.
Doesn't affect Comet Lake and later.

The current AMD bug found, only affects ring-0 access.

R-T-B · Aug 12, 2024

RJARRRPCGP said:
That's what the Coffee Lake-and-earlier CSME bug was, and I have been wondering if just a packet received while connected to the internet, results in a contaminated UEFI-BIOS.
Doesn't affect Comet Lake and later.

The current AMD bug found, only affects ring-0 access.

I mean its all bad. Whataboutism serves no one here.

RJARRRPCGP · Aug 12, 2024

R-T-B said:
Just install the bios update and forget about it.

Warning: BIOS update currently not available for ASRock B550 PG Velocita

Solaris17 · Aug 12, 2024

Damn, time to put my 3600+ brisbane to sleep. /salute

Vincero · Aug 12, 2024

Solaris17 said:
Damn, time to put my 3600+ brisbane to sleep. /salute

This does make me think there should be a buy back system in place. People could still buy (as new) Ryzen 3000 series products less than 3 years ago - technically you are still in warranty (brand new unsold items sitting on the shelf still get the same end user warranty period) - if you're not gonna support it then should be forced to offer a buy back.... I bet the support teams will miraculously offer BIOS updates as that little bit of work would cost far less.

AMD have said they probably will not offer updates for R3000 chips but I suspect it's more likely a case of getting little interest from motherboard/system OEM's also, and at the end of the day, nearly every AM4 motherboard would need to have the BIOS updates offered to fix this so why not just roll the patch to cover them also...??
To their credit, Intel did actually do patches for the Spectre/Meltdown CPU microcode all the way back to Nehalem (1st gen Core-i3/5/7 from 2008/2009) but the lazy motherboard manufacturers did nothing for them - I can count on one hand the amount of BIOS updates for systems that old that appeared - in the consumer/enthusiast components mainstream the newest platform I ever saw with BIOS updates for it was Haswell (LGA1150) - anything Ivy Bridge or earlier with patches is pretty rare.

Frick · Aug 12, 2024

Vincero said:
Not until you run a command that does and then you get the UAC prompt...

That's the point, I need to tell it.

AusWolf · Aug 12, 2024

The article mentions CVE-2023-31315 vulnerability. According to AMD's website, AGESA 1.2.0.1 will patch it for Ryzen 7000. According to my motherboard's support page, the latest BIOS with AGESA 1.2.0.0a patches CVE-2024-31315. Are these the same thing?

Chrispy_ · Aug 12, 2024

R-T-B said:
Rootkits are not the same as ring -2. They typically cannot survive a reinstall.

Yeah, I think my heavy-handed, scorched earth approach to anything AV can't tackle means that rootkits and ring -2 are identical to me. Both need BIOS reflash and disks secure-erased before a reinstall.

R-T-B · Aug 12, 2024

Chrispy_ said:
Yeah, I think my heavy-handed, scorched earth approach to anything AV can't tackle means that rootkits and ring -2 are identical to me. Both need BIOS reflash and disks secure-erased before a reinstall.

At ring -2 you can't even necessarily trust bios reflash. Not unless using a hardware flasher anyways. Its serious suck level stuff.

Visible Noise · Aug 12, 2024

AusWolf said:
The article mentions CVE-2023-31315 vulnerability. According to AMD's website, AGESA 1.2.0.1 will patch it for Ryzen 7000. According to my motherboard's support page, the latest BIOS with AGESA 1.2.0.0a patches CVE-2024-31315. Are these the same thing?

I think your motherboard support page is wrong, this is a 2023 vulnerability.

Chrispy_ said:
Yeah, I think my heavy-handed, scorched earth approach to anything AV can't tackle means that rootkits and ring -2 are identical to me. Both need BIOS reflash and disks secure-erased before a reinstall.

Malware installed this way can survive a reflash. For example that’s how pc anti-theft software works. Reflash, reinstall Windows, and it just gets reinstalled from the protected UEFI region.

A Call to Action: Bolster UEFI Cybersecurity Now | CISA

www.cisa.gov

persondb · Aug 12, 2024

Vincero said:
Its 'critical' in terms of direct impact - its impossible to class it based on risk as everyone works differently. For sure the risk is high of someone inadvertently loading it. For those with locked down devices and effective endpoint security, the risk is probably quite low, but the impact wouldn't be any different if it somehow was triggered.

That is why actual security professionals use vector strings to describe the attacks and not 'critical'.

For this one it's:

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Which Translating it means, Attack Vector is Local, Attack Complexity is High, Privileges Required is High, User Interaction is None, Scope is Changed, Confidentiality Impact is High, Integrity Impact is High and Availability Impact is High.

While the attack is hard to execute, the impact of a successful execution is very high which is why it ends up with being a serious threat.

If I am not mistaken, I don`t think there has ever really been a Spectre and Meltdown exploit in the wild too, but everyone rushed to fix those. Spectre allowed you to read any memory at something like kilobytes per second(I don't remember if it could modify it too).

Darmok N Jalad · Aug 12, 2024

Kinda feels like we need a ROM bios with basic recovery features as a fallback, and a secondary flashable BIOS that can be wiped from orbit by the ROM BIOS. Or will that not even work?

remixedcat · Aug 12, 2024

The timing of this whole thing is sus...

Intel hired them to cover up the 1314gate

Vincero · Aug 12, 2024

Darmok N Jalad said:
Kinda feels like we need a ROM bios with basic recovery features as a fallback, and a secondary flashable BIOS that can be wiped from orbit by the ROM BIOS. Or will that not even work?

Yep, it could be done... maybe on a removable chip just in case it needs to be reprogrammed to include new product support, etc...

Visible Noise · Aug 12, 2024

remixedcat said:
The timing of this whole thing is sus...

Intel hired them to cover up the 1314gate

Can’t tell if serious.

Hecate91 · Aug 12, 2024

Darmok N Jalad said:
Kinda feels like we need a ROM bios with basic recovery features as a fallback, and a secondary flashable BIOS that can be wiped from orbit by the ROM BIOS. Or will that not even work?

Having a ROM chip in a socket would be nice also, and I miss when even cheaper boards had dual BIOS. I wonder if dual BIOS would work if the secondary BIOS could only be used with a physical switch.

remixedcat · Aug 12, 2024

Visible Noise said:
Can’t tell if serious.

do you know what's going on w intel right?

Darmok N Jalad said:
Kinda feels like we need a ROM bios with basic recovery features as a fallback, and a secondary flashable BIOS that can be wiped from orbit by the ROM BIOS. Or will that not even work?

dual bios is doable. even routers have that... my meraki has a rapid failover in case the other is corrupted or doesn't boot it boots from the prev version.

kondamin said:
The concern for your average user with administrator privileges, which is like 99.9% of home users is very much there.
Especially if they use pirated software or cheat software which makes you turn off your anti virus software
I've even seen legitimate printer drivers trigger antivirus warnings forcing me to turn off protection to be able to install the device.

So, yes it's important this patch gets pushed and I hope it happens automatically trough a windows update or something so tech illiterate's machines get patched too.

ppl should have rejected those anti cheats to begin with they were always a bad idea and people were too desperate to play some games they complied.

Vincero · Aug 12, 2024

The only real issue with removable BIOSimplementations these days would probably revolve around TPM/secure boot, etc.
Arguably, you could have a removable TPM/BIOS chip seeing as both have a 'secure enclave' which could be rewritten via unknown malicious means - if mistakingly removed as long as it's restored back to the board/boot device it would work as normal.

R-T-B · Aug 12, 2024

persondb said:
I don`t think there has ever really been a Spectre and Meltdown exploit in the wild too, but everyone rushed to fix those.

The answer as to why is in the second portion of your sentence.

Meltdown was a shockingly easy form of privledge escalation. The only reason it wasn't exploited more was widespread patching.

Visible Noise · Aug 13, 2024

remixedcat said:
do you know what's going on w intel right?

So you’re saying Intel had the foresight to leak this vulnerability to a security company back in October, knowing that AMD would announce it right when Intel is releasing voltage patches the following August.

congrats, you’ve left me speechless.

remixedcat · Aug 13, 2024

Visible Noise said:
So you’re saying Intel had the foresight to leak this vulnerability to a security company back in October, knowing that AMD would announce it right when Intel is releasing voltage patches the following August.

congrats, you’ve left me speechless.

The media made the stink about it at the same time

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	128GB (4x 32GB) G.Skill Flare X5 @ DDR5-4200(Running 1:1:1 w/FCLK)
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64, other office machines run Windows 11 Enterprise

System Name	KHR-1
Processor	Ryzen 9 5900X
Motherboard	ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory	64 GB G.Skill RipJaws V F4-3200C16D-64GVK
Video Card(s)	Sparkle Titan Arc A770 16 GB
Storage	Western Digital Black SN850 1 TB NVMe SSD
Display(s)	Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case	Corsair 275R
Audio Device(s)	Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply	eVGA Supernova G3 750W
Mouse	Logitech G Pro (Hero)
Software	Windows 11 Pro x64 23H2

System Name	XPS, Lenovo and HP Laptops, HP Xeon Mobile Workstation, HP Servers, Dell Desktops
Processor	Everything from Turion to 13900kf
Motherboard	MSI - they own the OEM market
Cooling	Air on laptops, lots of air on servers, AIO on desktops
Memory	I think one of the laptops is 2GB, to 64GB on gamer, to 128GB on ZFS Filer
Video Card(s)	A pile up to my knee, with a RTX 4090 teetering on top
Storage	Rust in the closet, solid state everywhere else
Display(s)	Laptop crap, LG UltraGear of various vintages
Case	OEM and a 42U rack
Audio Device(s)	Headphones
Power Supply	Whole home UPS w/Generac Standby Generator
Software	ZFS, UniFi Network Application, Entra, AWS IoT Core, Splunk
Benchmark Scores	1.21 GigaBungholioMarks

System Name	KHR-1
Processor	Ryzen 9 5900X
Motherboard	ASRock B550 PG Velocita (UEFI-BIOS P3.40)
Memory	64 GB G.Skill RipJaws V F4-3200C16D-64GVK
Video Card(s)	Sparkle Titan Arc A770 16 GB
Storage	Western Digital Black SN850 1 TB NVMe SSD
Display(s)	Alienware AW3423DWF OLED-ASRock PG27Q15R2A (backup)
Case	Corsair 275R
Audio Device(s)	Technics SA-EX140 receiver with Polk VT60 speakers
Power Supply	eVGA Supernova G3 750W
Mouse	Logitech G Pro (Hero)
Software	Windows 11 Pro x64 23H2

System Name	Pioneer
Processor	Ryzen 9 9950X
Motherboard	MSI MAG X670E Tomahawk Wifi
Cooling	Noctua NH-D15 + A whole lotta Sunon, Phanteks and Corsair Maglev blower fans...
Memory	128GB (4x 32GB) G.Skill Flare X5 @ DDR5-4200(Running 1:1:1 w/FCLK)
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 5800X Optane 800GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs, 1x 2TB Seagate Exos 3.5"
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64, other office machines run Windows 11 Enterprise

"Sinkclose" Vulnerability Affects Every AMD CPU Dating Back to 2006

Qwerty101

R-T-B

RJARRRPCGP

Visible Noise

RJARRRPCGP

R-T-B

RJARRRPCGP

Solaris17

Super Dainty Moderator

Vincero

Frick

Fishfaced Nincompoop

AusWolf

Chrispy_

R-T-B

Visible Noise

A Call to Action: Bolster UEFI Cybersecurity Now | CISA

persondb

Darmok N Jalad

remixedcat

Vincero

Visible Noise

Hecate91

remixedcat

Vincero

R-T-B

Visible Noise

remixedcat

System Name	RogueOne
Processor	Xeon W9-3495x
Motherboard	ASUS w790E Sage SE
Cooling	SilverStone XE360-4677
Memory	128gb Gskill Zeta R5 DDR5 RDIMMs
Video Card(s)	MSI SUPRIM Liquid 5090
Storage	1x 2TB WD SN850X \| 2x 8TB GAMMIX S70
Display(s)	49" Philips Evnia OLED (49M2C8900)
Case	Thermaltake Core P3 Pro Snow
Audio Device(s)	Moondrop S8's on Schitt Gunnr
Power Supply	Seasonic Prime TX-1600
Mouse	Razer Viper mini signature edition (mercury white)
Keyboard	Wooting 80 HE White, Gateron Jades
VR HMD	Quest 3
Software	Windows 11 Pro Workstation
Benchmark Scores	I dont have time for that.

System Name	Black MC in Tokyo
Processor	Ryzen 5 7600
Motherboard	MSI X670E Gaming Plus Wifi
Cooling	Be Quiet! Pure Rock 2
Memory	2 x 16GB Corsair Vengeance @ 6000Mhz
Video Card(s)	XFX 6950XT Speedster MERC 319
Storage	Kingston KC3000 1TB \| WD Black SN750 2TB \|WD Blue 1TB x 2 \| Toshiba P300 2TB \| Seagate Expansion 8TB
Display(s)	Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case	Fractal Design Define R4
Audio Device(s)	Plantronics 5220, Nektar SE61 keyboard
Power Supply	Corsair RM850x v3
Mouse	Logitech G602
Keyboard	Dell SK3205
Software	Windows 10 Pro
Benchmark Scores	Rimworld 4K ready!

System Name	My second and third PCs are Intel + Nvidia
Processor	AMD Ryzen 7 7800X3D @ 45 W TDP Eco Mode
Motherboard	MSi Pro B650M-A Wifi
Cooling	be quiet! Shadow Rock LP
Memory	2x 24 GB Corsair Vengeance DDR5-6000 CL36
Video Card(s)	PowerColor Reaper Radeon RX 9070 XT
Storage	2 TB Corsair MP600 GS, 4 TB Seagate Barracuda
Display(s)	Dell S3422DWG 34" 1440 UW 144 Hz
Case	Corsair Crystal 280X
Audio Device(s)	Logitech Z333 2.1 speakers, AKG Y50 headphones
Power Supply	750 W Seasonic Prime GX
Mouse	Logitech MX Master 2S
Keyboard	Logitech G413 SE
Software	Bazzite (Fedora Linux) KDE Plasma

System Name	Bragging Rights
Processor	Atom Z3735F 1.33GHz
Motherboard	It has no markings but it's green
Cooling	No, it's a 2.2W processor
Memory	2GB DDR3L-1333
Video Card(s)	Gen7 Intel HD (4EU @ 311MHz)
Storage	32GB eMMC and 128GB Sandisk Extreme U3
Display(s)	10" IPS 1280x800 60Hz
Case	Veddha T2
Audio Device(s)	Apparently, yes
Power Supply	Samsung 18W 5V fast-charger
Mouse	MX Anywhere 2
Keyboard	Logitech MX Keys (not Cherry MX at all)
VR HMD	Samsung Oddyssey, not that I'd plug it into this though....
Software	W10 21H1, barely
Benchmark Scores	I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.

System Name	Mac mini
Processor	Apple M1 8C
Motherboard	Mac mini logic board
Cooling	Mac mini cooler
Memory	16GB
Video Card(s)	M1 GPU
Storage	512GB
Display(s)	ASUS Pro Art 27"
Case	Mac mini enclosure
Power Supply	Apple 150W

System Name	RemixedBeast-NX
Processor	Intel Xeon E5-2690 @ 2.9Ghz (8C/16T)
Motherboard	Dell Inc. 08HPGT (CPU 1)
Cooling	Dell Standard
Memory	24GB ECC
Video Card(s)	Gigabyte Nvidia RTX2060 6GB
Storage	2TB Samsung 860 EVO SSD//2TB WD Black HDD
Display(s)	Samsung SyncMaster P2350 23in @ 1920x1080 + Dell E2013H 20 in @1600x900
Case	Dell Precision T3600 Chassis
Audio Device(s)	Beyerdynamic DT770 Pro 80 // Fiio E7 Amp/DAC
Power Supply	630w Dell T3600 PSU
Mouse	Logitech G700s/G502
Keyboard	Logitech K740
VR HMD	Linktr.ee/remixedcat // for my music ♡♡
Software	Linux Mint 20
Benchmark Scores	Network: APs: Ubiquiti Unifi AP-AC-LR and Lite Router/Sw:Meraki MX64 MS220-8P