this post was submitted on 09 Aug 2024
184 points (85.9% liked)

Technology

58141 readers
4769 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
184
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections (www.wired.com)
submitted 1 month ago by [email protected] to c/technology
53 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 1 month ago (2 children)

A list of the effected processors would've been nice, Wired.

[–] vikingtons 16 points 1 month ago (1 children)
[–] [email protected] 28 points 1 month ago (2 children)

it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled.

If attacker has a ring 0 access he can already screw you up any way he wants

[–] vikingtons 9 points 1 month ago (1 children)

that's all well and good, I was just responding to someone who wanted the list of affected products

[–] [email protected] 5 points 1 month ago (1 children)

It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.

[–] vikingtons 1 points 1 month ago

The link includes 'CVE-2023-31315'

[–] SzethFriendOfNimi 5 points 1 month ago

True. This does allow for persistent recurring infection post clean and cold boot.

Interesting flaw to keep an eye on.

[–] [email protected] 5 points 1 month ago* (last edited 1 month ago)

AMD hadn't published a list when the article was first run, but it has since been updated:

but it pointed to a full list of affected products that can be found on its website's [security bulletin page](but it pointed to a full list of affected products that can be found on its website's security bulletin page..