本帖最后由 theshy 于 2024-8-10 22:30 编辑
AMD 官方确认,部分 EPYC 和 Ryzen 处理器存在一个名为“Sinkclose”的新漏洞,代码为“CVE-2023-31315”。
以下EPYC处理器会受影响:
1st Gen AMD EPYC™ Processors formerly codenamed "Naples"
2nd Gen AMD EPYC™ Processors formerly codenamed "Rome"
3rd Gen AMD EPYC™ Processors formerly codenamed “Milan" and “Milan-X”
4th Gen AMD EPYC™ Processors formerly codenamed "Genoa", “Genoa-X”, “Bergamo”, and “Siena”
以下桌面处理器会受影响:
Ryzen™ 3000 (Matisse):没有修复计划;
Ryzen™ 4000 Series Desktop Processors with Radeon™ Graphics(Renoir) ComboAM4v2PI 1.2.0.cb (2024-07-30) 已经修复
Ryzen™ 5000 (Vermeer): ComboAM4v2PI 1.2.0.cb (2024-07-30) 已经修复
Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics (Cezanne):ComboAM4v2PI 1.2.0.cb (2024-07-30) 已经修复
Ryzen™ 7000 Series Desktop Processors(Raphael):ComboAM5PI 1.2.0.1(2024-08-07)已经修复
Ryzen™ 8000 Series Processors with Radeon™ Graphics(Phoenix) ComboAM5PI 1.2.0.1(2024-08-07)已经修复
具体全貌可以看表格:
https://www.amd.com/en/resources ... in/amd-sb-7014.html
当前该漏洞需要内核级访问权限才能充分利用,影响相对较小。但对于已经遭受到该漏洞攻击的机器,影响极大,且难以修复。
参考:The issue is so severe that, in some cases, it may be easier to abandon an infected machine than to repair it, reports Wired.
目前尚不清楚AMD的修复方案是否会影响性能。
|
310112100042806
发表于 2024-8-10 22:14
