On Tue, Jan 21, 2025 at 06:31:31PM -0800, Tavis Ormandy wrote: > It looks like an OEM leaked the patch for a major upcoming CPU > vulnerability, i.e. "AMD Microcode Signature Verification > Vulnerability": > > https://rog.asus.com/motherboards/rog-strix/rog-strix-x870-i-gaming-wifi/helpdesk_bios/ > > I'm not thrilled about this - the patch is *not* currently in > linux-firmware, so this is the only publicly available patch. > > However, other people are discussing how to extract them: > > https://winraid.level1techs.com/t/offer-intel-amd-via-cpu-microcode-archives-1995-present/102857/53
Is this fix effective, or can it be bypassed via a downgrade attack? Since microcode loading can (hopefully!) only be done in ring 0 and SVM root mode, this means that one needs OS kernel access to perform an exploit. However, if an attacker could load arbitrary microcode, they could compromise SMM, SEV-SNP, and DRTM, so this is still pretty bad. -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab
signature.asc
Description: PGP signature
