"Sinkclose" Vulnerability Affects Every AMD CPU Dating Back to 2006

[AleksandarK]

A critical security flaw known as "Sinkclose" (CVE-2023-31315) has been identified in all AMD processors dating back to 2006, potentially affecting hundreds of millions of devices worldwide. This vulnerability allows malicious actors to exploit the chip architecture, leading to unauthorized access to sensitive data. Researchers Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, have revealed that the vulnerability can be exploited through various methods, enabling attackers to extract confidential information from affected systems, including passwords and personal data. The issue is especially concerning, given that it is present in all AMD CPUs made in the last 18 years and their widespread use in both consumer and enterprise environments. However, to exploit this vulnerability, an attacker must possess access to system's kernel. Downloading of malware-infused files can trigger it, so general safety measures are recommended.

The Sinkclose method exploits a little-known capability in AMD processors called TClose. This name is a blend of "TClose" and "Sinkhole," with the latter referring to a previous vulnerability found in Intel's System Management Mode in 2015. AMD chips employ a protective mechanism named TSeg, which blocks operating systems from accessing a specific memory area reserved for System Management Mode (SMM), known as System Management Random Access Memory (SMRAM). However, the TClose feature is designed to maintain backward compatibility with older hardware that might use the same memory addresses as SMRAM. It does this by remapping memory when activated. The security experts discovered that they could manipulate this TClose remapping function using only standard operating system permissions. By doing so, they could deceive the SMM into retrieving altered data, enabling them to redirect the processor and run their own instructions with the high-level privileges of SMM. This technique essentially allows attackers to bypass standard security measures and execute malicious code at one of the most privileged levels of the processor, potentially compromising the entire system.




In response to the discovery, AMD has initiated a patching process for its critical chip lines, aiming to mitigate the risks associated with this flaw. The company works closely with hardware manufacturers and software developers to ensure that updates are deployed swiftly and effectively. Enrique Nissim and Krzysztof Okupski agreed not to publish any proof-of-concept code for the vulnerability to ensure that the patches aren't rushed and systems are not getting exploited. AMD already issued patched for most of its models, and you should check out the official website for your specific mitigation firmware update. The enterprise EPYC CPUs and Instinct accelerators have been a first-priority products with patches implemented in May, while consumer desktop/laptop 4000/5000/7000/8000 series CPUs received a fix in August. No fixes are planned for 3000 series Ryzen CPUs. Workstation-grade CPUs have also received an update to mitigate this issue.

Update 08:20 UTC: AMD confirmed that the Ryzen 3000 series "Matisse" processors are getting an update planned for August 20, 2024.

View at TechPowerUp Main Site | Source

 

[mb194dc]

Yes and you need kernel level access to exploit it, i.e installing a compromised driver or something like that.

The concern for your average user is less than zero.

If a threat actor has that kind of access they can do much worse than just this exploit. I guess governments or people running missions critical intelligence or military infrastructure could be concerned. I'd also guess there are zero of these first gen ryzen chips being used in such places anyway.

 

[mtosev]

I hope that the fix won't affect the performance of these chips.

 

[ncrs]

The security experts discovered that they could manipulate this TClose remapping function using only standard operating system permissions

Just to clarify, "standard operating system permissions" means administrative access. In this context "standard" means ring 0 in the x86 nomenclature, while SMM itself is often described as ring -2.

AMD was made aware of this vulnerability before revealing it; however, time is still required to implement the fix.

In the AMD security bulletin linked in the news it clearly states that microcode fix has been already released in May 2024, but only for EPYCs and Instinct APUs.
Fixed consumer firmware will come later this year.

I hope that the fix won't have a performance penalty.

It's unlikely since the fix for EPYCs was already in use for a few months.

 

[gs020p]

Yepp till Intel stock did not crash AMD issues never got highlighted. We as users will always be played by state to use our data in the name of hackers.

 

[ty_ger]

Yes and you need kernel level access to exploit it, i.e installing a compromised driver or something like that.

The concern for your average user is less than zero.

If a threat actor has that kind of access they can do much worse than just this exploit. I guess governments or people running missions critical intelligence or military infrastructure could be concerned. I'd also guess there are zero of these first gen ryzen chips being used in such places anyway.

I don't understand this sort of flippant response. People install malicious software every day via social engineering. This is another exploit that allows slightly malicious software to become very malicious. There is no reason to downplay its potential until it is fixed.

 

[azrael]

A bit miffed that the 3000 (and also 1000 and 2000) series won't get a patch. Thinking about desktop chips, of course.

 

[john_]

Time to replace those old Opteron servers.
Or maybe

to exploit this vulnerability, an attacker must possess access to system's kernel

not.

A bit miffed that the 3000 (and also 1000 and 2000) series won't get a patch. Thinking about desktop chips, of course.

AMD does have a habit of not supporting hardware that is still in the market. I am not sure if the old(10-15 years ago) AMD was doing it, but today's AMD does.
I mean, Vega is not getting the same upgrades as RDNA2/3 chips, but it's still on the market, in the form of the iGPU in many AMD chips.
3000(Zen 2) series is still selling as mobile chips and desktop chips. Under new names as part of mobile 7000 series, or as part of the 4000 desktop APUs.

 

[kondamin]

Yes and you need kernel level access to exploit it, i.e installing a compromised driver or something like that.

The concern for your average user is less than zero.

If a threat actor has that kind of access they can do much worse than just this exploit. I guess governments or people running missions critical intelligence or military infrastructure could be concerned. I'd also guess there are zero of these first gen ryzen chips being used in such places anyway.

The concern for your average user with administrator privileges, which is like 99.9% of home users is very much there.
Especially if they use pirated software or cheat software which makes you turn off your anti virus software
I've even seen legitimate printer drivers trigger antivirus warnings forcing me to turn off protection to be able to install the device.

So, yes it's important this patch gets pushed and I hope it happens automatically trough a windows update or something so tech illiterate's machines get patched too.

 

[LabRat 891]

I'm guessing the first unaffected uArch is K8?
Phenom/K10 was introduced in 2006, iirc.

 

[Naito]

Where humans exist, errors exist.

 

[Frick]

The concern for your average user with administrator privileges, which is like 99.9% of home users is very much there.

Can you even run Windows 10/11 as admin by default?

 

[Bwaze]

"No fixes are planned for 3000 series Ryzen CPUs."

I wonder why such an arbitrary cut-off date for relatively recent product? There wasn't much incentive for Ryzen 3000 users to upgrade, so I think they are still very common?

 

[kondamin]

Can you even run Windows 10/11 as admin by default?

sure you can, just because it's tied to a cloud account doesn't take away your admin privileges.
you wouldn't be able to install office 365 is you weren't

 

[Frick]

sure you can, just because it's tied to a cloud account doesn't take away your admin privileges.
you wouldn't be able to install office 365 is you weren't

Why would installing programs require admin privilegies? If I launch CMD it does not have that.

 

[Vincero]

"No fixes are planned for 3000 series Ryzen CPUs."

I wonder why such an arbitrary cut-off date for relatively recent product? There wasn't much incentive for Ryzen 3000 users to upgrade, so I think they are still very common?

I am even more confused as the Ryzen 4000 APUs are using Zen2 cores which normal desktop Ryzen 3000 CPUs also use. Maybe because 3000 series APUs are not Zen2 based they saved confusion by excluding the entire 3000 lineup... seems odd/dumb, especially as they qualify for the whole BS around Win11 compatibility.

Why would installing programs require admin privilegies? If I launch CMD it does not have that.

Not until you run a command that does and then you get the UAC prompt...

 

[Crackong]

to exploit this vulnerability, an attacker must possess access to system's kernel

I don't think anyone having access to your kernel really needs to use an vulnerability anymore.

 

[ty_ger]

I don't think anyone having access to your kernel really needs to use an vulnerability anymore.

Why not? Kernel access just needs social engineering. That happens all the time. That will "only" give them Ring 0 access. This vulnerability would allegedly give them Ring -2 access. That's where you can do lasting damage without detection.

 

[Chrispy_]

Dumb question;

Once a bad actor has kernel access, isn't the whole system already 100% exploitable, 100% compromised at that point, no matter what?

Ring 0 access is already a total system loss, time for a system wipe involving a BIOS reflash and then bootup from an external drive to secure-erase the original disk. The fact this gives attackers even more access is a moot point, no?

 

[ty_ger]

Dumb question;

Once a bad actor has kernel access, isn't the whole system already 100% exploitable, 100% compromised at that point, no matter what?

Ring 0 access is already a total system loss, time for a system wipe involving a BIOS reflash and then bootup from an external drive to secure-erase the original disk. The fact this gives attackers even more access is a moot point, no?

No. A threat can operate quietly in Ring 0 theoretically for a while, but once found out, it can be detected and eliminated. You gave an example of how it could be eliminated. But let's be real: almost no one is going to do a bios flash.

Ring -2 could theoretically avoid detection forever and not be eliminated so easily. Almost no one will think that they will have something operating at that level that a bios reflash is necessary.

 

[Daven]

Why not? Kernel access just needs social engineering. That happens all the time. That will "only" give them Ring 0 access. This vulnerability would allegedly give them Ring -2 access. That's where you can do lasting damage without detection.

He or she means that already having Kernel level access gives you the ability to wreak havoc, even if Sinkclose didn’t exist.

 

[Easo]

Dumb question;

Once a bad actor has kernel access, isn't the whole system already 100% exploitable, 100% compromised at that point, no matter what?

Ring 0 access is already a total system loss, time for a system wipe involving a BIOS reflash and then bootup from an external drive to secure-erase the original disk. The fact this gives attackers even more access is a moot point, no?

Not a dumb question, but yes, at that point you already have lost. Biggest issue is with virtualization - if you can escape it all these CPU vulnerabilities can allow attacker to start moving around.

 

[ty_ger]

He or she means that already having Kernel level access gives you the ability to wreak havoc, even if Sinkclose didn’t exist.

See reply above to same question.

One is lasting and avoids detection, the other not.

What is this logic? Because something that is bad already exists, something that is worse isn't bad?

 

[Vincero]

Not a dumb question, but yes, at that point you already have lost. Biggest issue is with virtualization - if you can escape it all these CPU vulnerabilities can allow attacker to start moving around.

Hard to know if virtualisation would be an attack vector - accessing the SMM on many machines is at a 'system'/interrupt level, however in a virtual machine the hypervisor is pretending to be the system with fake hardware interrupts, etc., and I'd hope / expect there would be protections in place around this function (SMM goes back a looooong time) - normal apps / most OS functions would never likely need to access the SMM either so not sure even initialising the capability would even be virtualised. Potentially VMs with VT-d/IOMMU priviledges may be able to escape this, but that's assuming that access vector is exposed through that resource branch (which is unlikely...?).
Most modern uses of SMM for power management, device hotplugging, plug/play & IO/APIC stuff, would all be masked by the hypervisor in nearly every instance I can think of.

This would seem to be a vulnerability that is primarily exposed by the exploit needing to be executed by someone/something at the main OS level.

 

[Hecate91]

What is this logic? Because something that is bad already exists, something that is worse isn't bad?

No its because something worse is a moot point as if someone attacks at ring 0, the user is already compromised, though either is unlikely unless if the user is clicking on suspicious links.