Technology NewsAMD disclosed 31 vulnerabilities in its processors. Users...

AMD disclosed 31 vulnerabilities in its processors. Users of EPYC and Ryzen models may be at risk

-


AMD disclosed 31 vulnerabilities in its processors.  Users of EPYC and Ryzen models may be at riskAMD has just revealed in the latest January update that a total of 31 new vulnerabilities have been detected in EPYC and Ryzen processors. The company has already taken appropriate actions to fix the bugs, and also released a report prepared in cooperation with teams from Apple, Google and Oracle. New variants of the AGESA software have also been announced. Holders of many Red chips should therefore beware.

As many as 28 of the total 31 discovered vulnerabilities concern AMD EPYC processors. When it comes to consumer Ryzen units, only one of the three vulnerabilities is classified as very serious.

AMD disclosed 31 vulnerabilities in its processors.  Users of EPYC and Ryzen models may be at risk [1]

AMD Radeon RX 7900 XTX – the failure rate of the reference version of the card can be up to 11 percent

List of vulnerable AMD processors includes desktop and mobile Ryzen models, as well as multi-core Threadripper and EPYC units. There is only one high severity vulnerability, while two others are less significant but still important.

  • Ryzen 2000 (Pinnacle Ridge)
  • Ryzen 2000 APUs
  • APU Ryzen 5000
  • AMD Threadripper 2000 HEDT and Pro
  • AMD Threadripper 3000 HEDT and Pro
  • Ryzen 2000 mobile processors
  • Ryzen 3000 mobile processors
  • Ryzen 5000 mobile processors
  • Ryzen 6000 mobile processors
  • Athlon 3000 mobile processors

It is worth noting that as many as 28 out of all 31 discovered vulnerabilities concern AMD EPYC processors, four of which are very serious. Three high-severity variants allow arbitrary code execution using different attack vectors, and one allows data to be written to specific regions, which can lead to loss of data integrity and availability.

AMD disclosed 31 vulnerabilities in its processors.  Users of EPYC and Ryzen models may be at risk [2]

AMD has another problem, this time with mysteriously falling Radeon RX 6000 graphics cards

When it comes to consumer Ryzen units, only one of the three vulnerabilities is classified as very serious. These vulnerabilities can be exploited by hacking into the BIOS or attacking the AMD Secure Processor (ASP) loader. All this sounds very serious, but the good news is that the new versions of the AGESA firmware have already been delivered to AMD’s partners and they are now obliged to release them as soon as possible. It is recommended that any user of the aforementioned AMD chip visit the website of the manufacturer of their motherboard and look for the appropriate update, but it may take a while for it to arrive. Usually Reds publish lists of vulnerabilities in May and November each year, but this time a large number of them forced the manufacturer to act in January.

Source: Tom’s Hardware, WCCFTech, AMD



LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

follow the Galaxy Unpacked 2023 live

We tell you how you can follow the Unpacked 2023 event live and online. join the conversationThe day...

அண்டார்டிகாவில் பிரண்ட் ஐஸ் ஷெல்ஃப் உடைகிறது – சான் பிரான்சிஸ்கோவின் 12 மடங்கு பெரிய பனிப்பாறையை உருவாக்குகிறது

கோப்பர்நிக்கஸ் சென்டினல்-2 செயற்கைக்கோளில் இருந்து எடுக்கப்பட்ட இந்த படங்கள், பிரண்ட் ஐஸ் ஷெல்ஃபில் இருந்து பிரிந்து சென்ற பாரிய பனிக்கட்டியின் முன்னும் பின்னும் இருப்பதைக்...

AMD Radeon 780M – upcoming graphics chip almost as good as NVIDIA GeForce RTX 2050

The first tests of the upcoming system from the red Radeon 780M based on the RDNA 3 architecture...

Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry

Feb 01, 2023Ravie LakshmananGaming / Cyber Attack A new attack campaign has targeted the gaming and gambling sectors since...

The revolution of self-driving vehicles is advancing at a snail’s pace, so investors are spending their money differently

The promise that autonomous vehicles will cover the roads and transform transportation will not come to fruition for...

New Sh1mmer ChromeBook exploit unenrolls managed devices

A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps...

Must read