"Sinkclose" Vulnerability Affects Every AMD CPU Dating Back to 2006

Stefan Mileschin · 13th August 2024, 04:10

A critical security flaw known as "Sinkclose" (CVE-2023-31315) has been identified in all AMD processors dating back to 2006, potentially affecting hundreds of millions of devices worldwide. This vulnerability allows malicious actors to exploit the chip architecture, leading to unauthorized access to sensitive data. Researchers Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, have revealed that the vulnerability can be exploited through various methods, enabling attackers to extract confidential information from affected systems, including passwords and personal data. The issue is especially concerning, given that it is present in all AMD CPUs made in the last 18 years and their widespread use in both consumer and enterprise environments. However, to exploit this vulnerability, an attacker must possess access to system's kernel. Downloading of malware-infused files can trigger it, so general safety measures are recommended.

https://www.techpowerup.com/325488/s...g-back-to-2006

13th August 2024, 04:10	#1
Stefan Mileschin [M] Reviewer Join Date: May 2010 Location: Romania Posts: 152,455	"Sinkclose" Vulnerability Affects Every AMD CPU Dating Back to 2006 A critical security flaw known as "Sinkclose" (CVE-2023-31315) has been identified in all AMD processors dating back to 2006, potentially affecting hundreds of millions of devices worldwide. This vulnerability allows malicious actors to exploit the chip architecture, leading to unauthorized access to sensitive data. Researchers Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, have revealed that the vulnerability can be exploited through various methods, enabling attackers to extract confidential information from affected systems, including passwords and personal data. The issue is especially concerning, given that it is present in all AMD CPUs made in the last 18 years and their widespread use in both consumer and enterprise environments. However, to exploit this vulnerability, an attacker must possess access to system's kernel. Downloading of malware-infused files can trigger it, so general safety measures are recommended. https://www.techpowerup.com/325488/s...g-back-to-2006

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Overclocker Vince "K\|NGP\|N" Lucido coming back under PNY	Stefan Mileschin	WebNews	0	25th June 2024 07:17
Apple M-Series CPUs Affected by "GoFetch" Unpatchable Cryptographic Vulnerability	Stefan Mileschin	WebNews	0	25th March 2024 07:13
AMD FSR 3.0 Extends to "The Last of Us Part 1," "Remnant II," and "RoboCop: Rogue Cit	Stefan Mileschin	WebNews	0	1st March 2024 06:58
"Star Wars: Battlefront Classic Collection" Strikes Back on March 14	Stefan Mileschin	WebNews	0	23rd February 2024 08:06
Olympus Japan announces that they're "back" in the AR Glasses game with MEG4.0	Stefan Mileschin	WebNews	0	6th July 2012 06:53
Intel launches "Tigerton" quad-core Xeons, new "Caneland" server platform	jmke	WebNews	0	6th September 2007 09:13
AMD 65nm SOI "Brisbane" Processors, December 2006	jmke	WebNews	0	16th May 2006 13:58
Galleries: the other "hardware" at Cebit 2006 part2	jmke	WebNews	0	14th March 2006 15:42
Galleries: the other "hardware" at Cebit 2006 part1	jmke	WebNews	0	14th March 2006 15:37
Intel Confirms "Second-Generation" Dual-Core Chips for Late 2006.	jmke	WebNews	0	10th May 2005 22:45