A dangerous potato: After researchers revealed the initial details of the Sinkclose security issue, AMD announced that a firmware update would be coming for some of its desktop, mobile, and server CPUs. However, in a surprising move, AMD has now decided to release a new microcode update for older Ryzen processors as well, though the exact reason for this decision remains unclear.
Sinkclose is a potentially serious security vulnerability discovered by IOActive analysts in AMD’s x86 CPU technology. This low-level bug affects all processors released by the Santa Clara-based corporation since 2006. While AMD acknowledged IOActive’s research, the company initially decided to release a microcode-based fix only for some of its most recent CPUs.
This decision sparked significant controversy, as widely used processors, some just five years old, were being left unprotected. In response to the backlash, AMD ultimately decided to address the Sinkclose vulnerability in older Ryzen CPUs as well. The company recently updated its security bulletin regarding the SMM Lock Bypass (CVE-2023-31315) issue, which is the formal definition of the security flaw informally known as Sinkclose.
On August 14, AMD updated its bulletin to provide a new “mitigation status” for Ryzen 3000 desktop processors based on the Matisse (Zen 2) microarchitecture. Although the company anticipated releasing a fix by August 20, the mitigation was actually delivered on August 19. Owners of PCs using Ryzen 3000 desktop CPUs should now look for the ComboAM4PI 1.0.0ba update, which is being distributed by OEM motherboard manufacturers through new firmware versions.
AMD describes CVE-2023-31315 as a “high” severity vulnerability that could lead to arbitrary code execution within the System Management Mode (SMM) environment, one of the most privileged operating modes in x86 CPUs. SMM technology was first introduced by Intel with the 386SL 32-bit processor as a power management feature, while AMD implemented its version of SMM in the Am386 processors released in 1991.
When the CPU is in SMM, normal code execution is suspended, and the operating system is effectively paused. A malicious actor with ring 0 access (Windows kernel-level access) could infect the PC’s firmware to execute code in SMM (ring -2) during boot, AMD confirms. This scenario could effectively turn a bootkit into an invisible “ghost” within the system, making it extremely difficult – if not impossible – to remove without invasive hardware modifications.
AMD first released its third-generation Ryzen processors in November 2019, offering PC users a 15 percent increase in IPC (instructions per cycle) performance while reducing energy consumption. These CPUs retained compatibility with the AM4 socket used in previous models and introduced support for PCI Express 4.0 connectivity.
