AMD Ryzen 3000 series desktop processors receive Sinkclose vulnerability mitigation patch

News from this site on August 20. According to AMD’s official website security announcement and briefing page, the company has pushed a Sinkclose vulnerability mitigation patch for the Ryzen 3000 series desktop processor code-named “Matisse” on the 19th local time.

AMD announced Sinkclose, a high-risk vulnerability numbered CVE-2023-31315, on August 9, local time.

According to the description, the vulnerability is due to incorrect validation in the processor's MSR (Special Module Register), which may allow a malicious program with ring0 access to modify the SMM configuration when SMM (System Management Mode) lock is enabled, which may occur Arbitrary code execution.

AMD released the first version of the security bulletin on the 9th. At that time, it was mentioned that it would provide PI (Platform Initialization) firmware updates containing mitigation measures for Ryzen 3000, first-generation Xiaolong and later CPUs, but it did not Does not include "Matisse" processor.

However, AMD adjusted its update plan on August 14 to include Ryzen 3000 series desktop processors in the PI update scope.

▲ Specific updated PI version

The above is the detailed content of AMD Ryzen 3000 series desktop processors receive Sinkclose vulnerability mitigation patch. For more information, please follow other related articles on the PHP Chinese website!