Description
Improper validation in a model specific register (MSR) could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution.
A flaw was found in hw. Improper validation in a model-specific register (MSR) could allow a malicious program with ring0 access to modify the SMM configuration while the SMI lock is enabled. This issue can lead to arbitrary code execution.
Statement
The CVE-2023-31315 vulnerability, known as "AMD Sinkclose," is an important security issue due to its ability to allow privilege escalation from ring 0 to ring -2, the most privileged execution mode on a CPU. This bypasses System Management Mode (SMM) protections, enabling attackers to execute arbitrary code within the CPU’s firmware layer, potentially leading to the installation of stealthy, persistent malware such as UEFI-based rootkits. These rootkits can subvert platform security mechanisms like Secure Boot, compromising the entire system’s integrity from the lowest levels and evading detection by traditional OS-level security measures. The widespread impact across AMD EPYC and Ryzen CPUs, coupled with the difficulty in patching older hardware, makes this a high-severity issue with significant implications for enterprise and consumer security.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | linux-firmware | Affected | | |
Red Hat Enterprise Linux 7.7 Advanced Update Support | linux-firmware | Fixed | RHSA-2024:5982 | 29.08.2024 |
Red Hat Enterprise Linux 7 Extended Lifecycle Support | linux-firmware | Fixed | RHSA-2024:5978 | 29.08.2024 |
Red Hat Enterprise Linux 8 | linux-firmware | Fixed | RHSA-2024:7481 | 02.10.2024 |
Red Hat Enterprise Linux 8.8 Extended Update Support | linux-firmware | Fixed | RHBA-2024:6202 | 03.09.2024 |
Red Hat Enterprise Linux 9 | linux-firmware | Fixed | RHBA-2024:6169 | 03.09.2024 |
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | linux-firmware | Fixed | RHSA-2024:5980 | 29.08.2024 |
Red Hat Enterprise Linux 9.2 Extended Update Support | linux-firmware | Fixed | RHBA-2024:5645 | 20.08.2024 |
Additional information
CVSS3: 7.5 High