A new vulnerability called Sinkhole has been discovered, impacting hundreds of millions of AMD CPUs dating back to 2006. The exploit affects nearly all AMD processors, including Ryzen, Threadripper, and Epyc CPUs across desktops and mobiles, as well as AMD’s data center GPUs. While this vulnerability poses a significant security threat, it’s unlikely to affect most users.
AMD has announced that only the most recent batch of chips will receive a patch, leaving older models vulnerable. This includes Ryzen 1000, 2000, and 3000 processors, as well as Threadripper 1000 and 2000 CPUs. AMD claims these older CPUs fall outside of their support window, despite millions still being in use. This decision has sparked controversy as even the most recent Ryzen 3000 chips were released over five years ago.
Sinkhole, discovered by researchers at IOActive, allows attackers to run code in System Management Mode. This mode provides close access to hardware, including firmware for power management settings. The vulnerability allows malware to burrow so deep that removing it becomes challenging, potentially requiring a complete system discard. However, this scenario requires attackers to have already deeply compromised a PC, meaning Sinkhole can only be exploited after a significant breach.
Researchers have suggested that a bootkit could be used to exploit Sinkhole. A bootkit is malicious code that runs before the operating system loads, effectively evading antivirus software. However, AMD clarifies that attackers would require access to the OS kernel for Sinkhole to be exploited, making it a highly targeted attack on a compromised PC. This scenario is unlikely to affect everyday users.
While the exploit is extremely deep and can even persist through operating system reinstallation, the risk to regular users is minimal. AMD has or will release patches for its most recent chips, including mobile processors dating back to AMD Athlon 3000 and desktop processors dating back to Ryzen 5000. Despite the low risk, it’s still recommended to patch your processor as a precaution. AMD assures that the update won’t negatively impact performance, making it a worthwhile security measure.
