Skip Navigation

PC Game Shots relies on readers. We may earn commissions when you purchase through our links. Check Affiliate Disclosure

Security Risk in AMD CPUs Patched for Recent Models

AMD CPUs Patched for Recent Models
Image credit to AMD

A security vulnerability has been found in some AMD processors, affecting models dating back to 2006. This flaw, named SinkClose and tracked as CVE-2023-31315, poses a potential risk for malware attacks and unauthorized access by insiders with system privileges.

The vulnerability allows malicious software or users with kernel-level access to run code in System Management Mode (SMM), a highly privileged execution environment in x86 processors. SMM operates below the kernel and hypervisor, giving it unrestricted access to the machine. This means that if an attacker exploits SinkClose, they could potentially take control of the entire system without detection by standard security tools.

Who’s Affected and What’s Being Done?

While the flaw impacts AMD CPUs from nearly two decades ago, the company is focusing its patching efforts on processors released since 2020. The fix will be delivered through firmware updates via BIOS makers or as a hot-loadable microcode update.

Affected processors receiving patches include:

  • Epyc CPUs from generations one through four (Naples, Milan, Rome, Genoa, Bergamo, and Siena)
  • Select Ryzen 3000-series products
  • Most SKUs from Ryzen 4000, 5000, 7000, and 8000 ranges
  • Some Ryzen 1000 and 2000 embedded CPUs

Unfortunately, older desktop models in the Ryzen range won’t receive patches. AMD considers these models as having exited support, including Zen and Zen+ desktop CPUs.

The good news is that exploiting this vulnerability requires kernel-level access, which means an attacker would already need significant control over the system. This factor reduces the overall criticality of the flaw.

However, if exploited, SinkClose could allow attackers to:

  • Take over the system completely
  • Spy on user activities
  • Steal sensitive data
  • Infect the machine at the BIOS level, making detection and cleanup challenging

I recommend users of affected AMD processors to stay vigilant and apply any available firmware updates as soon as they’re released. If you’re using an older, unpatched AMD CPU, consider upgrading to a newer, supported model if security is a top priority for your system.