Jump to content

Welcome to ExtremeHW

Welcome to ExtremeHW, register to take part in our community, don't worry this is a simple FREE process that requires minimal information for you to signup.

 

Registered users can: 

  • Start new topics and reply to others.
  • Show off your PC using our Rig Creator feature.
  • Subscribe to topics and forums to get updates.
  • Get your own profile page to customize.
  • Send personal messages to other members.
  • Take advantage of site exclusive features.
  • Upgrade to Premium to unlock additional sites features.
IGNORED

50+ vulnerabilities found in AMD EPYC processor and Radeon graphics drivers.


UltraMega

Recommended Posts

Quote

AMD recently issued security warnings to alert customers about security vulnerabilities in its EPYC CPU and Radeon graphics driver running on Windows 10 computers. Despite the fact that the vast majority of the vulnerabilities are rated as high-risk, AMD supplied patches as well as AGESA microcode packages to mitigate these risks.

 

The EPYC 7001, EPYC 7002, and EPYC 7003 processor generations are all affected by the 22 possible vulnerabilities that have been disclosed this time. They are targeted primarily at AMD platform security processors (PSP), AMD system management units (SMU), AMD Secure Encrypted Virtualization (SEV), and other platform components, including the AMD Xeon CPU.

When it comes to the 50 vulnerabilities resolved, nearly half (23 vulnerabilities) are rated as High Severity by the Common Vulnerability Scoring System (CVSS).

 

“During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV) and other platform components were discovered and have been mitigated in AMD EPYC AGESA PI packages,” notes AMD in its security bulletin. 

As a result of the vulnerabilities identified, AMD has announced that it has published AGESA updates for all three generations of processors to remedy them. AMD's Generic Encapsulated System Architecture, known as AGESA, has been made available to motherboard suppliers for use in developing firmware and distributing updates.

 

Additionally, AMD has disclosed solutions for 27 vulnerabilities in the AMD Graphics Driver for Windows 10, with 18 of them being classified as High severity. 

According to AMD, the vulnerabilities can be exploited to facilitate escalation of privilege, unauthorized code execution, memory corruption, information disclosure, and denial of service attacks.

More than 50 vulnerabilities have been found in AMD EPYC processor and Radeon graphics drivers. (guru3d.com)

 

Question for people on this site; I have sort of stopped seeing "security exploit found" articles as very news worthy because IMO it's a constant arms race that will never end so we can just expect new exploits to constantly be found and then patched. That said, 50+ sure seems like a lot but in general I don't think this kind of thing is all that news worthy. What do you guys think?

Edited by UltraMega

Owned

 Share

CPU: 5800x
MOTHERBOARD: ASUS TUF Gaming B550-Plus
RAM: XMP 3600mhz CL16
GPU: 7900XT
SOUNDCARD: Sound Blaster Z 5.1 home theater
MONITOR: 4K 65 inch TV
Full Rig Info
Link to comment
Share on other sites

  • UltraMega changed the title to 50+ vulnerabilities found in AMD EPYC processor and Radeon graphics drivers.

They dont garner loads of conversation but not all news posts do. I think its still a relevant piece of industry news though. 

 

On the topic itself, not great to hear. At this rate they will be closing in on Intels numbers haha.

  • Thanks 1

£3000

Owned

 Share

CPU: AMD Ryzen 9 7950X3D
MOTHERBOARD: MSI Meg Ace X670E
RAM: Corsair Dominator Titanium 64GB (6000MT/s)
GPU: EVGA 3090 FTW Ultra Gaming
SSD/NVME: Corsair MP700 Pro Gen 5 2TB
PSU: EVGA Supernova T2 1600Watt
CASE: be quiet Dark Base Pro 900 Rev 2
FANS: Noctua NF-A14 industrialPPC x 6
Full Rig Info

Owned

 Share

CPU: Intel Core i5 8500
RAM: 16GB (2x8GB) Kingston 2666Mhz
SSD/NVME: 256GB Samsung NVMe
NETWORK: HP 561T 10Gbe (Intel X540 T2)
MOTHERBOARD: Proprietry
GPU: Intel UHD Graphics 630
PSU: 90Watt
CASE: HP EliteDesk 800 G4 SFF
Full Rig Info

£3000

Owned

 Share

CPU: 2 x Xeon|E5-2696-V4 (44C/88T)
RAM: 128GB|16 x 8GB - DDR4 2400MHz (2Rx8)
MOTHERBOARD: HP Z840|Intel C612 Chipset
GPU: Nvidia Quadro P2200
HDD: 4x 16TB Toshiba MG08ACA16TE Enterprise
SSD/NVME: Intel 512GB 670p NVMe (Main OS)
SSD/NVME 2: Samsung 1TB 980 NVMe (VM's)
SSD/NVME 3: 2x Seagate FireCuda 1TB SSD's (Apps)
Full Rig Info
Link to comment
Share on other sites

17 hours ago, UltraMega said:

More than 50 vulnerabilities have been found in AMD EPYC processor and Radeon graphics drivers. (guru3d.com)

 

Question for people on this site; I have sort of stopped seeing "security exploit found" articles as very news worthy because IMO it's a constant arms race that will never end so we can just expect new exploits to constantly be found and then patched. That said, 50+ sure seems like a lot but in general I don't think this kind of thing is all that news worthy. What do you guys think?

I think we're gonna see them as long as the info isn't suppressed.(How long did they figure Intel knew about the Meltdown and Spectre?) Also, the first 6 months of 2021 saw 132 "vulnerabilities" being addressed by Intel. So it's just Tit for Tat... 😉

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

This Website may place and access certain Cookies on your computer. ExtremeHW uses Cookies to improve your experience of using the Website and to improve our range of products and services. ExtremeHW has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law. For more information please see our Privacy Policy